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Digital content distribution using web broadcasting 



services 



(57) A method of securely receiving data on a user's 
system from a web broadcast infrastructure with a plu- 
rality of channels. The method comprising the steps of: 
receiving promotional metadata from a first web broad- 
cast channel, the promotional metadata related to data 
available for reception; assembling at least part of the 
promotional metadata into a promotional offering for re- 
view by a user; selecting by a user, data to be received 
related to the promotional metadatar receiving data from 



a second web broadcast channel, the data selected 
from the promotional metadata, and wherein the data 
has been previously encrypted using a first encrypting 
key; and receiving the first decrypting key via a compu- 
ter readable medium, the first decrypting key for de- 
crypting at least some of the data received via the sec- 
ond web broadcast channel. In another embodiment, a 
method and system to transmit data securely from a web 
broadcast centre is disclosed: ■ ■ 
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can remove the ability of the retail stores from differentiating themselves from each other and differentiate themselves 
from the content owners, especially on the Web. Therefore a need exists to provide retailers of electronic content such 
as pictures, games, music, programs and videos a way to differentiate themselves from each other and the content 
owners when selling music through electronic distribution. 
s [0007] Content owners prepare their digital content for electronic distribution through distribution sites such as elec- 
tronic stores. Electronic stores on the Internet, or through other online services, want to differentiate themselves from 
. each other by their product offerings and product promotions. A traditional store, i.e. - the non-electronic, non-online 
analogs to electronic stores - use product promotions, product sales, product samples, liberal return policies and other 
promotional programs to differentiate themselves from their competitors. However, in the online world where the content 
10 providers impose usage conditions on the digital content, the ability of electronic stores to differentiate themselves may 
be severely limited. Moreover, even if the usage conditions can be changed, electronic stores are faced with the difficult 
task of processing the metadata associated with the digital content from the content providers to promote and sell 
products electronically. Electronic stores need to manage several requirements when processing the metadata. First, 
the electronic store is required to receive the metadata associated with the digital content from the content providers. 
15 Many times, parts of this metadata may be sent encrypted, so the content provider must create a mechanism to decrypt 
the encrypted content. Second, the electronic store may wish to preview metadata from the content provider either 
before the content is received from the content provider or after the content is received by the electronic store, in order 
to assist with product marketing, product positioning and other promotional considerations for the content. Third, the 
electronic store is required to extract certain metadata used for promotional materials such as graphics and artist 
20 information. Often, this promotional material is used directly by the electronic store in its online promotions. Fourth, 
the electronic stores may wish to differentiate themselves from one another by modifying some of the permitted usage 
conditions to create different offerings of the digital content. Fifth, the electronic store may have to insert or alter certain 
addresses, such as URLs, in the metadata to direct payment reconciliation to an account reconciliation house auto- 
matically by the purchaser without the need to go through the electronic store for payment clearance. Sixth, the elec- 
tronic store may need to create licenses for the permitted use of the copyrighted digital content that match usage 
conditions. For example, the license may grant the permission to make a limited number of copies of the digital content. 
A license is needed to reflect the terms and conditions of the permission granted. 

[0008] In light of all these requirements, to process the metadata related to the digital content, many electronic stores 
write customised software programs to handle these requirements. The time, cost and testing needed to create these 

30 customised software programs can be large. Accordingly, a need exists to provide a solution to these requirements. 
[0009] Still, another reason owners of digital content have been slow to embrace electronic distribution is the difficulty 
in preparing content for electronic distribution. Today, many providers of content have thousands or even tens of thou- 
sands of titles in their portfolio. In a music example, it is not unusual for a content owner to have a single master sound 
recording available on several different formats simultaneously (e.g. CD, tape and MiniDisc). In addition, a single format 

35 can have a master sound recording re-mastered or re-mixed for a specific distribution channel. As an example, the 
mixing for broadcast radio may be different than the mixing for a dance club sound track, which may be different than 
a generally available consumer CD. Inventorying and keeping track of these different mixes can be burdensome. More- 
over, many owners of master recordings often times re-issue old recordings in various subsequent collections, such 
as The Best Of, or in compilations for musical sound tracks to movies and other collections or compilations. As more 

40 content is offered digitally, the need to re-mix and encode the content for electronic distribution grows. Many times 
providers need to use old recording formats as guides to select the correct master sound recordings and have these ■ 
sound recordings reprocessed and encoded for release for electronic distribution. This may be especially true for 
content providers that wish to use their old formats to assist them in re-releasing the old sound recording for electronic 
distribution. Providers will look through databases to match up titles, artists and sound recordings to set the encoding 

<*5 parameters. This process of manually searching databases for recording portfolios is not without its shortcomings. One 
shortcoming is the need to have an operator manually search a database and set the processing parameters appro- 
priately. Another shortcoming is the possibility of operator transcription error in selecting data from a database. Ac- 
cordingly, a need exists to provide content providers a method to automatically retrieve associated data and master 
recordings for content such as audio. 

so [0010] Content owners prepare their digital content for electronic distribution through a process known as encoding. 
Encoding involves taking the content, digitising it, if the content is presented in an analog format, and compressing it. 
The process of compressing allows the digital content to be transferred over networks and stored on recordable medium 
more efficiently because the amount of data transmitted or stored is reduced. However, compression is not without its 
shortcomings. Most compression involves the loss of some information, and is called lossy compression. Content 

55 providers must make decisions on what compression algorithm to use and the compression level required. For example, 
in music, the digital content or song may have very different characteristics depending on the genre of the music. The 
compression algorithm and compression level selected for one genre may not be the optimal choice for another genre 
of music. Content providers may find certain combinations of compression algorithms and compression levels work 
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metadata; receiving data from a second web broadcast channel, the data selected from the promotional metadata 
and wherein the data has been previously encrypted using a first encrypting key; and receiving the first decrypting key 
via a computer readable medium, the first decrypting key for decrypting at least some of the data received via the 
second web broadcast channel. 

[001 7\ In another embodiment, a method and system to transmit data securely from a web broadcast centre is dis- 



closed 

BRIEF DESCRIPTION OF THE DRAWINGS 



[0018] FIG. 1 Is a block diagram illustrating an over view of a Secure Digital Content Electronic Distribution System 
according to the present invention. <=> yS iem 

£0019] FIG. 2 is a block diagram Illustrating an example Secure Container (SC) and the associated graphical repre- 
sentations according to the present invention. H 
[0020] FIG. 3 Is a block diagram illustrating an overview of the encryption process for a Secure Container (SC) 
according to the present invention. ' 

[0021] FIG^4 is a block diagram illustrating an overview of the de-encryption process for a Secure Container (SC) 
according to the present invention. 1 ' 

[0022] FIG. 5 is a block diagram illustrating an overview of the layers for the Rights Management Architecture of the 
Secure Digital Content Distribution System of FIG. 1 according to the present invention 

[0023] FIG. 6 is a block diagram illustrating ari' overview oftHe^ Content Distribution and Licensing Conlror as It applies 
to the License Control Layer of FIG. 5. 

[0024] FIG. 7 is an illustration of an example user interface for the Work Flow Manager Tool of FIG 1 accordina to 
the present invention. a 
[0025] FIG. 8 is a block diagram of the major tools, components and processes of the Work Flow Manager corre- 
sponding to the user interface in FIG. 7 according to the present invention. 
[0026] FIG. 9 is a block diagram illustrating the major tools, components and processes of an Electronic Digital 
Content Store of FIG. 1 according to the present invention. 

[0027] FIG. 1 0 is a block diagram illustrating the major components and processes of an End-User Device(s) of FIG 
1 according to the present invention. 
30 [0028] FIG. 1 1 is a flow diagram of a method to calculate an encoding rate factor for the Content Preprocessing and 
Compression tool of FIG. 8 according to the present invention. 

[0029] FIG. 12 is a flow diagram of a method to automatically retrieve additional information for the Automatic Meta- 
data Acquisition Tool of FIG. 8 according to the present invention. 

3S [ ^k 0I d FIG * 13 ( f 8 f, ° W dia9ram ° f 3 meth0d t0 automatica "y set the Preprocessing and Compression parameters 
35 of the Preprocessing and Compression Tool of FIG. 8 according to the present invention 

[0031] FIG. 1 4 is an example of user interface screens of the Player Application downloading content to a local library 

as described in FIG. 15 according to the present invention. 

[0032] FIG. 15 is a block diagram illustrating the major components and processes of a Player Application running 
on End-User Device of FIG. 9 according to the present invention. 9 

40 invention F,G " 1 6 '* eXamP ' e ^ ° f * e P ' ay8r App,ication of FIG - 15 according to the present 

[0034] FIG. 1 7 is a flow diagram of an alternate embodiment to automatically retrieve additional information for the 
Automatic Metadata Acquisition Tool of FIG. 8 according to the present invention. 

[0035] FIG. 18 is a high level logical diagram of an alternate embodiment of electronic distribution of digital content 
« using broadcast infrastructure, according to the present invention. 

Ti 6 t ! , FIG ; 19 iS a detaHed b,OCk diagram ° f FIG - 18 ' il,ustratin 9 an alternate embodiment of electronic distribution 
of digital content using broadcast infrastructure , according to the present invention. 

[0037] FIG. 20 is a block diagram of the packet being broadcast in the alternate embodiment of FIG 1 8 accordina 
to the present invention. ' y 

[0038] FIG 21 is a flow diagram for a process running on the End User Device for purchasing content over the 
alternate embodiment of FIG. 1 8., according to the present invention. 

[0039] FIGS 22-26 are a series of screen shots illustrating the user's purchase on a television using the alternate 
embodiment of FIG. 1 8, according to the present invention. 

[0040] FIG. 27 is a detailed block diagram of FIG. 18, illustrating an alternate embodiment of electronic distribution 
rnn^f r?^"' USin9 separate channe 's a web broadcasting service, according to the present invention 
[0041] FIG 28 is a flow diagram for a process running on the End User Device for purchasing content over the 
alternate embodiment of FIG. 27, according to the present invention. 

[0042] FIGS. 29-38 are a series of screen shots illustrating the user's purchase on a television using the alternate 
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V. SECURE CONTAINER STRUCTURE 
[0048] 

A. General. Structure 

B. Rights Management Language Syntax and Semantics 

C. Overview of Secure Container Flow and Processing 

D. Metadata Secure Container 620 Format 

E. Offer Secure Container 641 Format 

F. Transaction Secure Container 640 Format 

G. Order Secure Container 650 Format 

H. License Secure Container 660 Format 

I . Content Secure Container Format 

VI. SECURE CONTAINER PACKINQ AND UNPACKING 
[0049] 

A. Overview 

B: Bill of Materials (BOM) Part 
C. Key Description Part 

VII. CLEARINGHOUSE^) 
[0050] 

A. Overview 

B. Rights Management Processing 

C. Country Specific Parameters 

D. Audit Logs and Tracking 

E. Reporting of Results 

F. Billing and Payment Verification 

G. Retransmissions 

VIII. CONTENT PROVIDER 
[0051] 

A. Overview 

B. Work Flow Manager 

1 . Products Awaiting Action/Information Process 

2. New Content Request Process 

3. Automatic Metadata Acquisition Process 

4. Manual Metadata Entry Process 

5. Usage Conditions Process 

6. Supervised Release Process 

7. Metadata SC(s) Creation Process 

8. Watermarking Process 

9. Preprocessing and Compression Process 

10. Content Quality Control Process 

11. Encryption Process 

12. Content SC(s) Creation Process 

13. Final Quality Assurance Process 

14. Content Dispersement Process 

15. Work Flow Rules 



C. Metadata Assimilation and Entry Tool 
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E. End-User Device(s) 109 in Broadcast Delivery Mode 

1 . Multi-Tier Digital TV Embodiment 

2. Web broadcasting Over Separate Channels Embodiment 

I. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
A. System Overview 
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Provider(s) 101 include Sony, Time-Warner, MTV, IBM, Microsoft, Turner, Fox and others. 

[0068] Content Provider(s) 1 01 use tools provided as part of the Secure Digital Content Electronic Distribution System 
100 in order to prepare their Content 113 and related data for distribution. A Work Flow Manager Tool 154 schedules 
Content 1 1 3 to be processed and tracks the Content 1 1 3 as it flows through the various steps of Content 113 preparation 
and packaging to maintain high quality assurance. The term metadata is used throughout this document to mean data 
related to the Content 113 and in this embodiment does not include the Content 113 itseif. As an example, metadata 
for a song may be a song title or song credits but not the sound recording of the song. The Content 1 1 3 would contain 
the sound recording. A Metadata Assimilation and Entry Tool 1 61 is used to extract metadata from the Content Provider 
(s)' Database 160 or data provided by the Content Provider(s) in a prescribed format (for a music example the Content 
113 information such as CD title, artist name, song title, CD artwork, and more) and to package it for electronic distri- 
bution. The Metadata Assimilation and Entry Tool 161 is also used to enterthe Usage Conditions for the Content 113. 
The data in Usage Conditions can include copy restriction rules, the wholesale price, and any business rules deemed 
necessary. A Watermarking Tool is used to hide data in the Content 1 1 3 that identifies the content owner, the processing 
date, and other relevant data. For an embodiment where the Content 113 is audio, an audio preprocessor tool Is used 
to adjust the dynamics and/or equalise the Content 113 or other audio for optimum compression quality, compress the 
Content 1 1 3 to the desired compression levels, and encrypt the Content 113. These can be adapted to follow technical 
advances in digital content compression/encoding, encryption, and formatting methods, allowing the Content Provider 
(s) 1 01 to utilise best tools as they evolve over time in the marketplace. 

[0069] The encrypted Content 113, digital content-related data or metadata, and encrypted keys are packed in SCs 
(described below) by the SC Packer Tool and stored in a content hosting site and/or promotional web site for electronic 
distribution. The content hosting site can reside at the Content Provider(s) 101 or in multiple locations, including Elec- 
tronic Digital Content Store(s) 1 03 and Intermediate Market Partners (not shown) facilities. Since both the Content 113 
and the Keys (described below) are encrypted and packed in SCs, Electronic Digital Content Store(s) 1 03 or any other 
hosting agent can not directly access decrypted Content 113 without clearance from the ClearingHouse(s) and notifi- 
cation to the Content Provider(s) 101. 

2: Electronic Digital Content Store(s) 103 

[0070] Electronic Digital Content Store(s) 1 03 are the entities who market the Content 1 1 3 through a wide variety of 
services or applications, such as Content 113 theme programming or electronic merchandising of Content 113. Elec- 
tronic Digital Content Store(s) 103 manage the design, development, business operations, settlements, merchandising, 
marketing, and sales of their services. Example online Electronic Digital Content Store(s) 1 03 are Web sites that provide 
electronic downloads of software. 

[0071] Within their services, Electronic Digital Content Store(s) 1 03 implement certain functions of the Secure Digital 
Content Electronic Distribution System 100. Electronic Digital Content Store(s) 103 aggregate information from the 
Content Provider(s) 101, pack content and metadata in additional SCs, and deliver those SCs to consumers or busi- 
nesses as part of a service or application. Electronic Digital Content Store(s) 1 03 use tools provided by the Secure 
Digital Content Electronic Distribution System 100 to assist with: metadata extraction, secondary usage conditions, 
SC packaging, and tracking of electronic content transactions. The secondary usage conditions data can include retail 
business offers such as Content 113 purchase price, pay-per-listen price, copy authorisation and target device types, 
or timed-availability restrictions. 

[0072] Once an Electronic Digital Content Store(s) 1 03 completes a valid request for electronic Content 1 1 3 from an 
End-User(s), the Electronic Digital Content Store(s) 103 is responsible for authorising the ClearingHouse(s) 105 to 
release the decryption key for the Content 1 1 3 to the customer. The Electronic Digital Content Store(s) also authorises 
the download of the SC containing the Content 113. The Electronic Digital Content Store(s) may elect to host the SCs 
containing the Digital Content at its local site and/or utilise the hosting and distribution facilities of another Content 
hosting site. 

[0073] The Electronic Digital Content Store(s) can provide customer service for any questions or problems that an 
End-User(s) may have using the Secure Digital Content Electronic Distribution System 100, or the Electronic Digital 
Content Store(s) 103 may contract their customer service support to the Clean ngHouse(s) 105. 

3. Intermediate Market Partners (not shown) 

[0074J In an alternate embodiment, the Secure Digital Content Electronic Distribution System 100 can be used to 
provide Content 113 securely to other businesses called Intermediate Market Partners. These partners may include 
digital content-related companies offering a n on -electronic service, such as televisions stations or video clubs, radio 
stations or record clubs, that distribute Content 113. These Partners may also include other trusted parties who handle 
material as part of making or marketing sound recordings, such as record studios, replicators, and producers. These 
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C. System Uses 



10 



[0081] The Secure Digital Content Electronic Distribution System 100 enables the secure delivery of hiqh-qualitv 
usTge ^ttoC^m 1 1 1 1 3 1 ° End " US6r Device < s > 1 09 ' whether consumer or business, and to regulate and track 
[0082] The Secure Digital Content Electronic Distribution System 1 00 could be deployed in a variety of consumer 
,and buslness-to-business services using both new and existing distribution channels. Each particular service could 
.use a different financial model that can be enforced through the rights management features of the Secure Digital 
Content Electronic Distribution System 100. Models such as wholesale or retail purchase, pay-per-llsten usage sub- 
scription services, copy/no-copy restrictions, or redistribution could be implemented through the rights management 
of the CleanngHouse(s) 1 05 and the End-User Player Application 1 95 copy protection features 
[0083] The Secure Digital Content Electronic Distribution System 1 00 allows Electronic Digital Content Store(s) 1 03 
and Intermediate Market Partners a great deal of flexibility in creating services that sell Content 1 1 3. At the same tJme 
it provides Content Providers) 101a level of assurance that their digital assets are protected and metered so that thev 
can receive appropriate compensation for the licensing of Content 113. 

o,^,^2.?« RAPHY CONCEPTS AND THEIR APPLICATION TO THE SECURE DIGITAL CONTENT ELECTRONIC 
DISTRIBUTION SYSTEM 



25 



30 



35 



[0084] License Control in the Secure Digital Content Electronic Distribution System 1 00 is based on the use of cryp- 
tography. This section introduces basic cryptography technologies of the present invention. The use of public key 
encryption, symmetric key encryption, digital signatures, digital watermarks and digital certificates is known. 

A. Symmetric Algorithms 

[0085] In the Secure Digital Content Electronic Distribution System 100 the Content Providers) 101 encrypts the 
content using symmetric algorithms. They are called symmetric algorithms because the same key is used to encrypt 
and decrypt data. The data sender and the message recipient must share the key. The shared key is referred to here 
as the symmetnc key. The Secure Digital Content Electronic Distribution System 100 architecture is independent of 
the specific symmetric algorithm selected for a particular implementation. 

[0086] Common symmetric algorithms are DES, RC2 and RC4. Both DES and RC2 are block cipher. A block cipher 

f^ P uf \ B data US ' n9 3 bl0 ° k ° f data bitS at a time - DES fe an official US government encryption standard has a 
64-b.t btoqksize and uses a 56-bit key. Triple-DES is commonly used to increase the security achieved with simple 
DES RSA Data Security designed RC2. RC2 uses a variable-key-size cipher and has a block size of 64 bits RC4 
also designed by RSA Data Security, is a variable-key-size stream cipher. A stream cipher operates on a single data 
bit at a time. RSA Data Security claims that eight to sixteen machine operations are required for RCM per output byte 
[0087] IBM designed a fast algorithm called SEAL. SEAL is a stream algorithm that uses a variable-length key and 
1 T fl! ^,TiTu ed f ° r 32 " bit P rocessors - SEAL re <l ulres about five elementary machine instructions per data 
byte. A 50 MHZ, 486-based computer runs the SEAL code at 7.2 megabytes/second if the 1 60-bit key used has already 
been preprocessed into internal tables. ' 

.... [0088] Microsoft reports results of encryption performance benchmark in its Overview of CryptoAPI document These 
results were obtained by an application using Microsoft's CryptoAPI, running on a 120-MHZ, Pentium-based computer 

, with Windows NT 4.0. 
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Cipher 


Key Size 


Key Setup Time 


Encryption Speed 


DES 


56 


460 


1,138,519 


RC2 


40 


40 


286,888 


RCM 


40 


151 


2,377,723 



B. Public Key Algorithms 

-[0089] In the Secure Digital Content Electronic Distribution System 1 00, symmetric keys and other small data pieces 
are encrypted using public keys. Public key algorithms use two keys. The two keys are mathematically related so that 
data encrypted with one key can only be decrypted with the other key. The owner of the keys keeps one key private 
(private key) and publicly distributes the second key (public key). 

[0090] To secure the transmission of a confidential message using a public key algorithm, one must use the recipient's 
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public key. PV jnside the handle indicates that it is a private key. Diamond shape is an End-User Digital Signature 202. 
The initials indicate which private key was used to create the signature thus in EU is the End-User(s) digital signature 
from table below. Symmetric key 203 is used to encrypt content. An encrypted symmetric key object 204 comprising 
a symmetric key 203 encrypted with a PB of CLRNGH. The key on the top border of the rectangle is the key used In 
the encryption of the object. The symbol or text inside the rectangle Indicates the encrypted object (a symmetric key 
in this case). Another encrypted object, in this example a Transaction ID encrypted object 205 is shown. And Usage 
...Conditions 206 for content licensing management as described below. The SC(s) 200 comprises Usage Conditions 
. 206, Transaction ID encrypted object 205, an Application ID encrypted object 207, and encrypted symmetric key object 

204, all signed with an End-User Digital Signature 202. 
. [0101] The table below shows the initials that identify the signer of SC(s). 



Initial 


Component 


CP 


Content Providers) 1 01 


MS 


Electronic Digital Content 103 


HS 


Content Hosting Site(s) 111 


EU 


End-User Device(s) 1 09 


CH 


Clearinghouse(s) 105 


CA 


certification authority(tes) 



F. Example of a Secure Container Encryption 

[0102] , The tables and diagrams below provide an overview of the encryption and decryption process used to create 
and recover information from SC(s). The SC(s) that is created and decrypted in this process overview is a general SC 
(s). It does not represent any of the specific SC(s) types used for rights management in the Secure Digital Content 
Electronic Distribution System 1 00. The process consists of the steps described in FIG.3 for encryption process. 

Process Flow for Encryption Process of FIG.3 



[0103] 



Step 


Process 


301 
302 
303 

304 

305 

306 

307B 

307A 


Sender generates a random symmetric key and uses it to encrypt the content. 

Sender runs the encrypted content through a hash algorithm to produce the content digest. 

Sender encrypts the symmetric key using the recipient's public key. PB RECPNT refers to the recipient's 

public key. 

Sender runs the encrypted symmetric key through the same hash algorithm used in step2 to produce the 
symmetric key digest. 

Sender runs the concatenation of the content digest and symmetric key digest through the same hash 
algorithm used in step2 to produce the SC(s) digest. 

Sender encrypts the SC(s) digest with the sender's private key to produce the digital signature for the SC 
(s). PV SENDER refers to the sender's private key. 

Sender creates a SC(s) file that includes the encrypted content, encrypted symmetric key, content digest, 
symmetric key digest, sender's certificate, and SC(s) signature. 

Sender must have obtained the certificate from a certification authority prior to initiating secure 
communications. The certification authority includes in the certificate the sender's public key, the sender's 
name and signs it. PV CAUTHR refers to the certifications authority's private key. Sender transmits the SC 
(s) to the recipient. 



BP 1 107 137 A2 



Step 



121 



Process 



122 



123 



124 



125 



126 
127 
128 
129 

130 
131 
132 

133 

134 
135 
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• the Content 113 originates from a rightful content owner and is distributed by a licensed distributor, e.g. Electronic 
Digital Content Store(s) 1 03; 

• the Digital Content purchaser has a properly licensed application; 

• the distributor is paid by the purchaser before a copy of the Content 113 is made available to the purchaser or 
5 End-User(s); and 

• a record of the transaction is kept for reporting purposes. 

[°1 1°I The Content Identification Layer 503 allows for the verification of the copyright and the identity of the content 
purchaser. The content's copyright information and identity of the content purchaser enables the source tracking of 
10 any, authorised or not, copy of the Content 1 1 3. Thus, the Content Identification Layer 503 provides a means to combat 
piracy. 

[0111] The Content Usage Control Layer 505 ensures that the copy of the Content 1 13 is used in the purchaser's 
device according to the Store Usage Conditions 519. The Store Usage Conditions 519 may specify the number of 
plays and local copies allowed for the Content 113, and whether or not the Content 113 may be recorded to an external 
'5 portable device. The functions in the Content Usage Control Layer 505 keep track of the content's copy/play usage 
and update the copy/play status. 

[01 12] The Content Formatting Layer 507 allows for the format conversion of the Content 1 1 3 from its native repre- 
sentation in the content owner's facilities into a form that is consistent with the service features and distribution means 
of the Secure Digital Content Electronic Distribution System 1 00. The conversion processing may include compression 
20 encoding and its associated preprocessing, such as frequency equalisation and amplitude dynamic adjustment. For 
Content 113 which is audio, at the purchaser's side, the received Content 113 also needs to be processed to achieve 
a format appropriate for playback or transfer to a portable device. 

B. Function Partitioning and Flows 

[0113] The Rights Management Architectural Model is shown in FIG.5 and this illustrates the mapping of the archi- 
tectural layers to the operating components making up the Secure Digital Content Electronic Distribution System 100 
and the- key functions in each layer. 

30 1 , Content Formatting Layer 507 

[0114] yThe general functions associated with the Content Formatting Layer 507 are Content Preprocessing 502 and 
Compression 511 at the Content Provider(s) 101, and Content De-scrambling 513 and Decompression 51 5 at the End- 
User Device(s) 1 09. The need for preprocessing and the examples of specific functions were mentioned above. Content 

3s Compression 5 11 is used to reduce the file size of the Content 1 1 3 and its transmission time. Any compression algorithm 
appropriate for the type of Content 113 and transmission medium can be used in the Secure Digital Content Electronic 
Distribution System 100. For music, MPEG %/4, Dolby AC-2 and AC-3, Sony Adaptive Transform Coding (ATRAC), 
and low-bit rate algorithms are some of the typically used compression algorithms. The Content 113 is stored in the 
End-User Device(s) 109 in compressed form to reduce the storage size requirement. It is decompressed during active 

40 playback. De-scrambling is also performed during active playback. The purpose and type of scrambling will be de- 
scribed later during the discussion of the Content Usage Control Layer 505. 

2. Content Usage Control Layer 505 

45 [01 15] The Content Usage Control Layer 505 permits the specification and enforcement of the conditions or restric- 
tions imposed on the use of Content 113 use at the End-User Device(s) 109. The conditions may specify the number 
of plays allowed for the Content 113, whether or not a secondary copy of the Content 113 is allowed, the number of 
secondary copies, and whether or not the Content 1 1 3 may be copied to an external portable device. The Content 
Provider(s) 101 sets the allowable Usage Conditions 517 and transmits them to the Electronic Digital Content Store 

5 ?\} (s) 103 in a SC (see the License Control Layer 501 section). The Electronic Digital Content Store(s) 103 can add to 

<v or narrow the Usage Conditions 51 7 as long as it doesn't invalidate the original conditions set by the Content Provider 
(s) 1 01 . The Electronic Digital Content Store(s) 1 03 then transmits all Store Usage Conditions 51 9 (in a SC) to the 
End-User Device(s) 1 09 and the ClearingHouse(s) 1 05. The ClearingHouse(s) 1 05 perform Usage Conditions Valida- 
.:. tion 521 before authorising the Content 113 release to an End-User Device(s) 109. 

55 [01 16] The enforcement of the content Usage Conditions 51 7 is performed by the Content Usage Control Layer 505 
in the End-User Device(s) 1 09. First, upon reception of the Content 1 1 3 copy from the Content Identification Layer 503 
in the End-User Device(s) 109 marks the Content 113 with a Copy/Play Code 523 representing the initial copy/play 
permission. Second, the Player Application 195 cryptograph ically scrambles the Content 113 before storing it in the 
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K^nT^^! t [ ansac ;!; i on between the End - User ^Ms) 1 0 9 and the Electronic Digital Content Store(s) 1 03 
rs based on standard Internet Web protocols. Aspartof theWeb-based interaction, the End-Userfs) makes Section 

?he pSri nf 1° PTT* C ProV ' deS PerSOnal ^ finanC ' al ,nf0m,ati0n ' and a9rees to the «S3S of puSSe 
S^ST^. (S> COU ' d ° btain Payrnent aUthorisati ° n f ™ « ■"!«*" invitation ul" a 

SA D lL a «on a oft med c ?n 6 thS EleCtr ° niC D ' 9ital C ° ntent Store(s > 103 has downloaded the End-User 
thf « 2* f i, V an End " User DeVice(s) 1 09 based on standard Web Precis. The architecture requires that 

nT f ?r (S) 103 38819,18 8 Un ' qUe apP "' Cati0n 10 to the downioaded Piayer A^Son 95 
™,L, -1 End - User D *vlce(s) 109 stores it for later application license verification (see below) 

Snt i^ e ,M era " licensin9flow at the c °"tent Providers) 101. The Content Provider s) 101 encrypts the 
SSL f ITT' 0 " SymmeWC tey l0Ca " y generated, ™* ^crypts the Symmetric Key 623 ulna the 
SJSTStTJi? "I * p V ? • a " a,ternate embod,ment - *° ^y Instead of being liaUy genem M 

Coment SS Mr, Conten ! Prov,der < s > 101 "™ the ClearingHouse(s) 105. The Content Providers) 101 creates a 

KevS to! ! r m en ^ Pt9d C ° ntent 113 ' Snd 8 Metedata SC < 8 > 620 around *e «"^ted Symmetric 
Key 623, Store Usage Conditions 519, and other Content 113 associated information. There is one Metadata SCfs) 
620and one ContentSC(s) 630 for every Content 113 object. The Content 113 object may be a c^mpre^oJl^^^^ 
same song or the Content 113 object may be each song on the album or the Content 113 objecTmayTe tta erZ 

wS/c^ 

[0126] The Content Prdviderfs) 101 distributes the Metadata SC(s) 620 to one or more Electronic Diaitai Content 
Store s) 103 (ste P 601) and the Content SC(s) 630 to one or more Content Hosting Stt^stlX) SS^SS 
Digita Content Store(s) 103. in turn creates an Offer SC(s) 641. The Offer SC(s) 641 typicaS/camerlc^Mhe 

thTr^^T 7 f \ thS Me ! a ? ata SC(8) 62 °' inC ' Uding the Dlgital Signature 624 ° f the ^tem Pn^.derTs) 1 0? aJd 
he Certrf,cate (not shown of the Content Providers) 101. As mentioned above, the Electronic Digital Content Store 

f 103 H ^ to or narrow the St"* Usage Conditions 519 (handled by the Control Usage Control Layert inS 
defrned by the Content Provider^) 101. Optionally, the Content SC(s) 630 and/orthe Metadata S C^ 620 is «C2 
with a Digital Signature 624 of the Content Provider(s) 101. 9 
[0127] Afterthe completion of the Content-purchase transaction between the End-User Devicefs) 109 and the Elec- 
tronic D.gita. Content Store(s) 1 03 (step603). the Electronic Digital Content Store(s) 1 03 creates and I transfe^to the 
SZZZ 9 ™?* 109 a Transaction SC(s) 640 (step604). The Transaction SC(s 640 includes a^e "Janslct In 

nlotScSli " am f i'-fT**** (n0t 8h0Wn) ' the Pub " C Ke V 661 0f *• 109 anS 

TrlZ^Z "ZZTZT thS P urchased Content 113. Transaction Data 642 in FIG.6 represents both the 
kLTspSo ^ u E " d ; Use ^ name < not shown). The Transaction Data 642 is encrypted with the Pubic 

SSSSSSS ST"* * e Transaction SC(8) 640 is signed ^ a Di9ftai **-u» «3 of 

A^ti^o/ 606 ^ 10 " ° f Transact,0n SC < S > 640 < and the 0 ^r SC(s) 641 included in it), the End-User Player 
™ , n ^T? ° n End " U8er D6V,C6(S) 109 S0,,cits license authorisation from the ClearingHouse(s) 105 by 
means of an Order SC(s) 650 (step605). The Order SC(s) 650 includes the encrypted Symmetric ilVeta and Sore 
Usage Cond,t,ons 51 9 from the Offer SC(s) 641 . the encrypted Transaction Data£ 2 frornThe T^S£!^S 
and the encrypted Application ID 551 from the End-User Device(s) 109. In another embodiment the Onter scX 6S0 
is.s.gned with a Digital Signature 652 of the End-User Device(s) 109 mDoa.mem, tne order SC(s) 650 

[0129] Upon reception of the Order SC(s) 650 from the End-User Device(s) 1 09, the ClearingHouse(s) 1 05 verifies: 

1. that the Electronic Digital Content Store(s) 103 has authorisation from the Secure Digital Content Electronic 
D IS tnbut.on System 1 00 (exists in the Database 1 60 of the ClearingHouse(s) 1 05)- Electronic 

2. that the Order SC(s) 650 has not been altered; 

3. that the Transaction Data 642 and Symmetric Key 623 are complete and authentic- 

4. that the electronic Store Usage Conditions 519 purchased by the End-User Devicefs) 109 are consistent with 
. those Usage Conditions 51 7 set by the Content Providers) 1 01 • and w»n«8wni wrtn 

'■* Contem StoSf ^ !l™ T V*™ th3t * " aS pr0vided b * an authorised Ele <*ronic Digital 

S??„rt Tr ] ; ^ Verlf,cat,ons are s "«=essful, the ClearingHouse(s) 1 05 decrypts the Symmetric Key 

SS^ "! ^ l 2 bUi ' dS tranSfSrS tnS UCenSS SC(S) 660 10 1^ End-User Device?) Vo9 

(etepeoe) The License SC(s) 660 carries the Symmetric Key 623 and the Transaction Data 642 both encrypted 

" ( s)7o5 d e e ^JL 7 661 1 l e ! nd ; User Device(s) 1oa " any verification is not successfui > *° c£S3S2 

(s) 105 denies the license to the End-User Devlce(s) 109 and informs the End-User Device(s) 109 The Clearina- 
House s) 1 0E iateo immediately informs the Electronic Digital Content Store(s) 1 03 of this Jrlf lc^on WluiTen 
alternate embodiment, the ClearingHouse( S ) 1 05 signs the License SC(s) 660 with its Digital Signature 663 
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identifier of the symmetric key that was used to encrypt the encrypted part. 

[01 37] If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 

s B. Rights Management Language Syntax and Semantics 

[01 38] The Rights Management Language consists of parameters that can be assigned values to define restrictions 
on the use of the Content 113 by an End-User(s) after the Content 113 purchase. The restrictions on the use of the 
Content 113 is the Usage Conditions 517. Each Content Providers) 101 specifies the Usage Conditions 51 7 for each 

10 of its Content 113 items. Electronic Digital Content Store(s) 103 interpret the Usage Conditions 517 in Metadata SC 
(s)620 and use the information to provide select options they wish to offer their customers as well as add retail purchase 
information for the Content 113. After an End-User(s) has selected a Content 113 item for purchase, the End-User 
Device(s) 109 requests authorisation for the Content 113 based on Store Usage Conditions 519. Before the Clearing- 
House^) 105 sends a License SC(s) 660 to the End-User(s), the ClearingHouse(s) 1 05 verifies that the Store Usage 

15 Conditions 51 9 being requested are in agreement with the allowable Usage Conditions 51 7 that were specified by the 
Content Providers) 101 in the Metadata SC(s) 620. 

[01 39] When an End-User Device(s) 1 09 receives the Content 1 1 3 that was purchased, the Store Usage Conditions 
51 9 are encoded into that Content 113 using the Watermarking Tool or encoded in the securely stored Usage Conditions 
51 9. The End-User Player Application 1 95 running on End-User Device(s) 1 09 insures that the Store Usage Conditions 
20 " v ' 51 9 that were encoded into the Content 1 13 are enforced. 

[01 40] The following are examples of Store Usage Conditions 51 9 for an embodiment where the Content 1 1 3 is music: 

• Song is recordable. 

• Song can be played n number of times. 

25 

C. Overview of Secure Container Flow and Processing 

[0141] Metadata SC(s) 620 are built by Content Provider(s) 101 and are used to define Content 113 items such as 
songs. The Content 113 itself is not included in these SC(s) because the size of the Content 113 is typically too large 
30 for Electronic Digital Content Store(s) 1 03 and End-User(s) to efficiently download the containers just for the purpose 
of accessing the descriptive metadata. Instead, the SC(s) includes an external URL (Uniform Resource Locators) to 
point to the Content 113. The SC(s) also includes metadata that provides descriptive information about the Content 
,113 and any other associated data, such as for music, the CD cover art and/or digital audio clips in the case of song 
Content 113. 

35 [01 42] Electronic Digital Content Store(s) 1 03 download the Metadata SC(s) 620, for which they are authorised, and 
build Offer SC(s) 641 . In short, an Offer SC(s) 641 consists of some of the parts and the BOM from the Metadata SC 
(s) 620 along with additional information included by the Electronic Digital Content Store(s) 103. A new BOM for the 
Offer SC(s) 641 is created when the Offer SC(s) 641 is built. Electronic Digital Content Store(s) 103 also use the 
Metadata SC(s) 620 by extracting metadata information from them to build HTML pages on their web sites that present 

^0 descriptions of Content 113 to End-User(s), usually so they can purchase the Content 113. 

[0143] The information in the Offer SC(s) 64Lthat is added by the Electronic Digital Content Store(s) 1 03 is typically 
to narrow the selection of Usage Conditions 517 that are specified in the Metadata SC(s) 620 and promotional data 
such as a graphic image file of the store's logo and a URL to the store's web site. An Offer SC(s) 641 template in the 
; Metadata SC(s) 620 indicates which information can be overridden by the Electronic Digital Content Store(s) 103 in 

45 \ the Offer SC(s) 641 and what, if any, additional information is required by the Electronic Digital Content Store(s) 103 
and what parts are retained in the embedded Metadata SC(s) 620. 

[0144] Offer SC(s) 641 are included in a Transaction SC(s) 640 when an End-User(s) decides to purchase Content 
113 from an Electronic Digital Content Store(s) 103. The Electronic Digital Content Store(s) 103 builds a Transaction 
SC(s) 640 and includes Offer SC(s) 641 for each Content 113 item being purchased and transmits it to the End-User 

so Device(s) 109. The End-User Device(s) 109 receives the Transaction SC(s) 640 and validates the integrity of the 
Transaction SC(s) 640 and the included Offer SC(s) 641 . * : * 

[0145] An Order SC(s) 650 is built by the End-User Device(s) 109 for each Content 113 item being purchased. 
Information is included from the Offer SC(s) 641 , from the Transaction SC(s) 640, and from the configuration files of 
the End-User Device(s) 1 09. Order SC(s) 650 are sent to the ClearingHouse(s) 1 05 one at a time. The Clearinghouse 

55 (s) 1 05 URL where the Order SC(s) 650 is included as one of the records in the BOM for the Metadata SC(s) 620 and 
included again in the Offer SC(s) 641 . 

[0146] The ClearingHouse(s) 105 validates and processes Order SC(s) 650 to provide the End-User Device(s) 1 09 
with everything that is required to a License Watermark 527 and access purchased Content 113. One of the functions 
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Parts 



BOM 
Part Exists 



Key inscription Part 



Digest Result Name Encrypt Atg Key MEnc Key Sym Key AI, Sy m Key 



ID 



IContcm URI.J 



IMetadata UR1.] 



SC Version 



SCID 



SC Type 



SC Publisher 



Output Pan 


RC4 


Knc Sym Key 


RSA 


CH Pub Key 


Output Part 


RC4 


Enc Sym Key 


RSA 


CH Pub Key 



Date 



(Zxptraiion Duie 



Cleafinghousc(s) URL 



Digest Algorithm ID 



Digital Signature Alg ID 



Content ID 


Yes 


Yes 


Metadata 


Yes 


Yes 


Usage Conditions 


Yes 


Yes 


SC Templates 


Yes 


Yes 


Watermarking 
Instructions 


Yes 


Yes 


Key Description Part 


Yes 


Yes 


Clearinghousc(s) 
Ccrtificate(s) 


Yes 


No 


Ccrtificatc(s) 


Yes 


No 




Digital Sil. 


nature 



Output Part 



RC4 



Enc Sym Key RSA 



CH Pub Key 



[0151] The following describes the terms that are used in the above Metadata SC(s) table: 

• [Content URL] - A parameter in a record in the Key Description part This is a uri th a r n«»„t. * * 

• irr, s^o^^ 

does not contain the encrypted metadata. Metadata SC(s) 620. The Metadata SC(s) 620 itself 

Content ID - A part that defines a unique ID assianed to a Content 11-* i )am -ru 

« ,„ „ , „.„ n tta ^ ,., 620 jr^'S «„ ' c m o„;„T z? ,ten °™ oo,usm id 

^sr^Ez^zsrr,,"- ^ — -~ * « — - » 

s ?r,' s u p =:r s M cS , ss7 mp ' Ms *- ^ - """""" ^ ^ » <» - 
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Digest Algorithm II) 
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[0153] The following describes the terms that are used in the above Offer SC(s) 641 that were not previously de- 
scribed for another SC(s): 



27 



EP 1 107 137 A2 

• End-User(s)' Public Key - The End-User(s)' Public Key 661 that is used by the ClearingHouse(s) 1 05 to re-encrvot 

Si»~T Public Key 661 ,s l — to the El — ^ ---- 

• Offer SC(s) - Offer SC(s) 641 for the Content 113 items that were purchased 

• flections of Content Use - An array of Usage Conditions for each Content 113 item being purchased by the End- 
User(s). There is an entry for each Offer SC(s) 641 . V 

s * HTML to Display - One or more HTML pages that the End-User Player Application 1 95 displays in the Internet 

1 Verify the Integrity of the Electronic Digital Content Store(s) 103 certificate using the Public Key 621 of the 
ClearingHousefs) 105. The Public Key 621 of the ClearingHouse(s) 105 was stored at the End-User Devtee(s) 
procSs ^ Part ° f inltla,iSa,ion 01 the End - Use ' Application 1 95 during its Installation 

?03 cSlScate' 9 ' 181 Si9natUrB ^ ° f SC(S> US ' n9 th ° PUb " C ^ from the EleCtr0 " ic Di9ital Content Store ( s ) 
3. Verify the hashes of the SC(s) parts. 

4 - Verily the ^ and authenticity of each Offer SC(s) 641 included in the Transaction SC(s) 640. 
G. Order Secure Container 650 Format 

Sl^^IJlTff 9 table rt Sh T P3rtS th3t 3re inC,Uded in the 0rder SC < S > 650 as we » ^ its BOM and Key 
Descnptton parts. These parts either provide information to the ClearingHousefs) 105 for decryption and verificaHon 

m me Order SC(s) 650. The Some stnng in the Part Exists column of the Metadata SC(s) BOM indicates that the some 
of those parts are not included in the Order SC(s) 650. The BOM from the Metadata SC(s) 620 is alsoTnc uded wS 
any change so that the ClearingHouse(s) 1 05 can validate the integrity of the Metadata SC(s) 6 Jo and ite par^ 
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The following describes the terms that are used in the above Order SC(s) 650 that were not previously described for 
another SC(s): 

* Transaction SC(s) BOM - The BOM in the original Transaction SC(s) 640. The record in the Order SC(s) 650 BOM 
includes the digest of the Transaction SC(s) 640 BOM. 

• Encrypted Credit Card Info.- Optional encrypted information from the End-User(s) that is used to charge the pur- 
chase to a credit card or • debit card. This information is required when the Electronic Digital Content Store(s) 1 03 
that created the Offer SC(s) 641 does not handle the customer billing, in which case the ClearingHouse(s) 105 
may handle the billing. 
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L Content Secure Container Format 

[0160] The following table shows the parts that are included in the Content SC(s) 630 as well as the BOM: 



Parts 



Part Exists 



BOM 



Content ID 



Encrypted Content 



Encrypted Metadata 



Metadata 



Certificate <s) 



Digest 



S(s) Version 



SC(s) ID 



SC(s)Typc 



SC(s) Publisher 



Dale 



Kxpiraiion Date 



Clearinghoiise(s) 1 05 URL 



Digest Algorithm ID 



Digital Signature Alg ID 



Yes 



Yes 



Yes 



Yes 



Yes 



Yes 



Yes 



Yes 



Yes 



No 



Digital Signature 



for!nothIr h SC°sr n9 ^ ^ * ^ ^ ^ PreVi ° US ' y deSCribed 

S££ SZZ ' C m?h * 13 that W3S enCryPt9d by 8 C ° ntent Provider ( 8 ) ™1 ^ing a Symmetric Key 623. 
^Tsy^T^ytS aSS0C ' ated C ° ntent 1 1 3 that ^ enCryPted by 8 C ° n,ent Pr0Vlder < s > 101 

In^LJlTrf iS "° K I Y ? eSCription part inc,uded in the Co "tent SC(s) 630 since the keys required to decrypt the 
encrypted parts are in the License SC(s) 660 that is built at the ClearingHouse(s) 1 05. 

VI. SECURE CONTAINER PACKING AND UNPACKING 

A. Overview 

[ °! 6 ?- Th u SC(S) Pa ° ker iS 3 32 " bit Windows ' Pragram wife an API (Application Programming Interface) that can be 

M- in* a * o 3 ^ 6 Platf0miS su PP° rtin 9 Windows> P r °gram at the Content Provider(s) 1 01 , Clearinghouse 
W 105, Electronic Digital Content Store(s) 103 and othersites requiring SC(s) Packing. A BOM and if neceWa 
Key D e scr,p„on part are created and included in the SC(s). A set of packer Apis a.low/the caNer t£l££ZnU 

ES^TT 1° Be Hc ,e r6C0rdS ^ B ° M and Key Descri P ,ion P arts and to Parts in The SC s 

h Z T S c ymmetr ' C KSyS 623 38 We " aS COmputin 9 the di 9 ests and the <W* stature is afso be 
performed by the packer. Encryption and digest algorithms that are supported by the packer are included in the packer 
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The ID property is a unique value that is assigned to this specific SC(s) by the entity that is creating this 
SC(s). The format of the value is defined in a later version of this document. 
T value The T property specifies the type of the SC(s), which should be one of: 

ORD - An Order SC(s) 650. 
OFF - An Offer SC(s) 641. 
LIC - A License SC(s). 
TRA - A Transaction SC(s) 640. 
MET - A Metadata SC(s) 620. 
CON - A Content SC(s) 630. 

A value 

The A property identifies the author or publisher of the SC(s). Author/publisher identities should be un- 
ambiguous and/or registered with the ClearingHouse(s) 1 05. 
D value 

The D property identifies the date, and optionally, the time that the SC(s) was created. The value should 
be of the form yyyy/mm/dd[@hh:mm[:ss[.fsec]][(TZ)]] representing year/month/day @hounminute:sec- 
ond.decimal-fraction-of -second (time-zone). Optional parts of the value are enclosed in [] characters. 
E value 

The E property identifies the date, and optionally, the time that the SC(s) expires. The value should be 
the same form used in the D property that was previously defined. The expiration date/time should be 
compared, whenever possible, with the date/time at the ClearingHouse(s) 105. 
CCURL value 

The CCURL property identifies the URL of the ClearingHouse(s) 105. The value should be of the form 
. of a valid external URL. 
H value 

" The H property identifies the algorithm that was used to calculate the message digests for the parts 
'"" . included in the SC(s). An example digest algorithm is MD5. . 

A D record is a data or part entry record that contains information that identifies the type of part, the name of 
the part, the (optional) digest of the part, and an (optional) indication that the part is not included in the SC(s). 
Assign immediately after the type identifier is used to indicate that the part is not included in the SC(s). The 
following are reserved types of data or part records: 

K part_name [digest] 

Specifies the Key Description part. 
W part_name [digest] 

Specifies the watermarking instructions part. 
C part_name [digest] 

Specifies the certificate(s) used to validate the digital signature. 
T part_name [digest] 

Specifies the Usage Conditions part. 
YF part_name [digest] 

Specifies the Template part for the Offer SC(s) 641 . 
YO part_name [digest] 

Specifies the Template part for the Order SC(s) 650. 
YL part name [digest] 

Specifies the Template part for the License SC(s) 660. 
ID part_name [digest] 

Specifies the ID(s|.of.the Content 113 of the item(s) of Content 113 being referenced. 
CH part_name [digest] 

Specifies the CiearingHouse(s) 105 certificate part. 
SP part_name [digest] Specifies the Electronic Digital Content Store(s) 1 03 certificate part. 
B part_name [digest] 

Specifies a BOM part for another SC(s) that has its parts or a subset of its parts included in this SC(s). 
BP part_name sc_part_name [digest] 

Specifies a BOM part for another SC(s) that is included as a single part in this SC(s). The sc_part_name 
parameter is the name of the SC(s) part that is included in this SC(s) and that this BOM part defines. A 
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process for making the request so long as the two parties come to an agreement. After the digital content label such 
as a Mus lC Label e.g. Sony, Time-Warner, etc. decides to allow the Electronic Digital Content Store(s) 103 to sell its 
Content 1 1 3, the ClearingHouse(s) 1 05 is contacted, usually via E-mail, with a request that the Electronic Digital Content 
Store(s) 103 be added to the Secure Digital Content Electronic Distribution System 100. The digital content label 
provides the name of the Electronic Digital Content Store(s) 103 and any other information that may be required for 
the CleanngHouse(s) 1 05 to create a digital certificate for the Electronic Digital Content Store(s) 1 03. The digital cer- 
tificate is sent to the digital content label in a secure fashion, and then forwarded by the digital content label to the 
Electronic Digital Content Store(s) 103. The ClearingHouse(s) 105 maintains a database of digital certificates that it 
has assigned. Each certificate includes a version number, a unique serial number, the signing algorithm the name of 
the issuer (e.g., the name of ClearingHouse(s) 1 05), a range of dates for which the certificate is considered to be valid 
the name Electronic Digital Content Store(s) 103, the public key of the Electronic Digital Content Store(s) 103 and a 
hash code of all of the other information signed using the private key of the ClearingHouse(s) 105. Entities that have 
the Public Key 621 of the ClearingHouse(s) 105 can validate the certificate and then be assured that a SC(s) with a 
signature that can be validated using the public key from the certificate is a valid SC(s). 

[0173] After the Electronic Digital Content Store(s) 103 has received its digital certificate that was created by the 
ClearingHouse(s) 105 and the necessary tools for processing the SC(s) from the digital content label it can begin ' 
offering Content 113 that can be purchased by End-User(s). The Electronic Digital Content Store(s) 103 includes its 
certificate and the Transaction SC(s) 640 and signs the SC(s) using its Digital Signature 643. The End-User Device 
(s) 1 09 verifies that the Electronic Digital Content Store(s) 1 03 is a valid distributor of Content 1 1 3 on the Secure Digital 
Content Electronic Distribution System 100 by first checking the digital certificate revocation list and then using the 
Public Key 621 of the ClearingHouse(s) 1 05 to verify the information in the digital certificate for the Electronic Digital 
Content Store(s) 103. A digital certificate revocation list is maintained by the ClearingHouse(s) 105 The revocation 
list may be included as one of the parts in a License SC(s) 660 that is created by the ClearingHouse(s) 1 05 End-User 
Device(s) 109 keep a copy of the revocation list on the End-User Device(s) 109 so they can use it as part of the 
Electronic Digital Content Store(s) 103 digital certificate validation. Whenever the End-User Device(s) 109 receives a 
License SC(s) 660 it determines whether a new revocation list is included and if so, the local revocation list on the 
End-User Device(s) 1 09 is updated. 



B. Rights Management Processing 

Order SC^s) Analysis 



[0174] ' The ClearingHouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the End-User(s) has re- 
ceived the Transaction SC(s) 640, which include the Offer SC(s) 641 , from the Electronic Digital Content Store(s) 1 03 
The Order SC(s) 650 consists of parts that contain information relative to the Content 113 and its use information 
about the Electronic Digital Content Store(s) 103 that is selling the Content 113, and information about the End-User 
(s) that is purchasing the Content 1 1 3. Before the ClearingHouse(s) 1 05 begins processing the information in the Order 
SC(s) 650, it first performs some processing to insure that the SC(s) is in fact valid and the data it contains has not 
been corrupted in any way. 



Validation 



[0175] The ClearingHouse(s) 1 05 begins the validation of Order SC(s) 650 by verifying the digital signatures then 
the CleanngHouse(s) 1 05 verifies the integrity of the Order SC(s) 650 parts. To validate the digital signatures first the 
CleanngHouse(s) 1 05 decrypts the Contents 631 of the signature itself using the Public Key 661 of the signing entity 
included if signed. (The signing entity could be the Content Providers) 101, the Electronic Digital Content Store(s) 
1 03, the End User Device(s) 1 09 or any combination of them.) Then, the ClearingHouse(s) 1 05 calculates the digest 
of the concatenated part digests of the SC(s) and compares it with the digital signature's decrypted Content 113 If the 
two values match, the digital signature is valid. To verify the integrity of each part, the ClearingHouse(s) 1 05 computes 
the digest of the part and compares it to the digest value in the BOM. The ClearingHouse(s) 105 follows the same 
process to verify the digital signatures and part integrity for the Metadata and Offer SC(s) 641 parts included within 
the Order SC(s) 650. 

[0176] The process of verification of the Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 
that the Electronic Digital Content Store(s) 103 is authorised by the Secure Digital Content Electronic Distribution 
System 100. This is based on the fact that the ClearingHouse(s) 105 is the issuer of the certificates. Alternately the 
CleanngHouse(s) 1 05 would be able to successfully verify the digital signatures of the Transaction SC(s) 640 and Offer 
SC(s) 641 using the public key from the Electronic Digital Content Store(s) 1 03, but only if the entity signing the SC(s) 
has ownership of the associated private key. Only the Electronic Digital Content Store(s) 103 has ownership of the 



37 



EP1 107 137 A2 



during Content 113 purchase transactions and report request transactions. The information can be used for a variety 
of purposes such as audits of the Secure Digital Content Electronic Distribution System 100, generation of reports, 
and data mining. 

[0186] The ClearingHouse(s) 105 also maintains account balances in Billing Subsystem 1B2 forthe Electronic Digital 
Content Store(s) 103. Pricing structures for the Electronic Digital Content Store(s) 103 is provided to the Clearinghouse 
(s) 105 by the digital content labels. This information can include things like current specials, volume discounts, and 
account deficit limits that need to be imposed on the Electronic Digital Content Store(s) 103. The ClearingHouse(s) 
105 uses the pricing information to track the balances of the Electronic Digital Content Store(s) 103 and insure that 
they do not exceed their deficit limits set by the Content Providers) 1 01 . 
[0187] The following operations are typically logged by the ClearingHouse(s) 1 05: 

• End-User Device(s) 1 09 requests for License SC(s) 660 

• Credit card authorisation number when the ClearingHouse(s) 1 05 handles the billing 

• Dispersement of License SC(s) 660 to End-User Device(s) 109 

• Requests for reports 

• Notification from the End-User(s) that the Content SC{s) 630 and License SC(s) 660 were received and validated 
[0188] The following information is typically logged by the ClearingHouse(s) 105 for a License SC(s) 660: 

Date and time of the request - 

• Date and time of the purchase transaction 

• Content ID of the item being purchased 

• Identification of the Content Providers) 101 

• Store Usage Conditions 51 9 
Watermarking instruction modifications 

• Transaction ID 535 that was added by the Electronic Digital Content Store(s) 1 03 

• Identification of the Electronic Digital Content Store(s) 1 03 

• Identification of the End-User Device(s) 109 

• End-User(s) credit card information (if the ClearingHouse(s) 105 is handling the billing) 

' [0189] The following information is typically logged by the ClearingHouse(s) 105 for an End-User's credit card vali- 
dation: 

• Date and time of the request 

• Amount charged to the credit card 

• Content ID of the item being purchased 

• Transaction ID 535 that was added by the Electronic Digital Content Store(s) 1 03 

• Identification of the Electronic Digital Content Store(s) 103 

• Identification of the End-User(s) 

• End-User(s) credit card information 

• Authorisation number received from the clearer of the credit card 

[0190] The following information is typically logged by the CiearingHouse(s) 105 when a License SC(s) 660 is sent 
to an End-User Device(s) 1 09: 

• Date and time of the request 

• Content ID of the item being purchased 

• Identification of Content Providers) 101 

• Usage Conditions 517 

• Transaction ID 535 that was added by the Electronic Digital Content Store(s) 1 03 

• Identification of the Electronic Digital Content Store(s) 103 

• Identification of the End-User(s) 

[0191] The following information is typically logged when a report request is made: 

• Date and time of the request 

• Date and time the report was sent out 

• Type of report being requested 
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VIII. CONTENT PROVIDER 
*~*-A. Overview 

[0201] The end goal of the tools for the Content Providers) 101 Is to prepare and paokaqe a Content 113 ...m. « 

" ITSTl^T f,? 0 " 96 ' nt ° C0ntent SC < S > 630 and ^ Parage information ^Ju^^S^^^Z 
the song (content Usage Conditions 517), and promotional information^ the song into a M etedaX ScS eprf £ 
accomplish this, the following set of tools are provided: Metadata SC(s) 620. To 

* Qualfty K Contro1 T001 enables t0 P revfe w °f Prepared content and metadata. Any corrections needed to the metadata 

: : „ or resubm.ss.on of the content for further processing can be conducted metadata 

% " paTintoicJs! 00 ' " EnC,VPtS PaCka9eS a " 113 ' nf0mlati0n and Ca " S tbe SC < S > Packer *> 

' SS^^^ — centres, such as Content 

B. Work Flow Manager 154 

assigned specific responsibilities and these individuals can be ^CSJSd ^ " * 

5?3 7T T 9n G,8isa ^^^ 

• retrieve the next job to process 

• indicate successful completion of a process 

• indicate unsuccessful completion of a process and reason for the failure 

• !?SiSr SmtUS ^ 3 Pr0C8SS a " OW initiati0P " Pr0CeSS9S rSqUire ° n ' y Partia ' C ° mp,et[0n ° f a de P end " 

• add comments to a product which are made available to the designated processes 
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the Content Providers) determines the Content selection process. 

[0213] If the required information needed to perform a query to the Database 160 of the Content Providers) 1 01 is 
specified, the job is processed by the Automatic Metadata Acquisition Process 803. In a music embodiment, to properly 
schedule the product for audio processing, the product's genre and the desired compression levels are specified as 
well as the audio PCM or WAV filename(s). This information may be entered as part of the product selection process 
or selected via a customised query interface or Web browser function. Specification of this information enables the 
product to be scheduled for content processing. 

[0214] The product selection user interface provides an option enabling the operator to specify whether the product 
can be released for processing or whether it are held pending further information entry. If held, the job is added to the 
queue of the New Content Request Process 802 awaiting further action to complete data entry and/or release the 
product for processing. Once the product is released, the Work Flow Manager 1 54 evaluates the information specified 
and determines which processes the job is ready to be passed to. 

[0215] If adequate information is provided to enable an automated query to the Database 160 of the Content Provider 
(s)' 101 , the job is queued for Automatic Metadata Acquisition Process 803. If the database mapping table has not 
been configured for the Automatic Metadata Acquisition Process 803, the Job is queued for Manual Metadata Entry 
Process 804 (see Automatic Metadata Acquisition Process 803 section for details on the Database Mapping Table). 
[0216] If the required general information for audio processing and the specific information required for watermarking 
is specified, the job is queued for Watermarking Process 808 (the first phase of content processing). If any of the 
required information is missing when the job is released, the job is queued to the queue of the Products Awaiting Action/ 
Information Process 801 along with status indicating the information that is missing. 

[0217] If the status indicates that the filename of the Content 113, for example where the Content 113 is audio and 
the PCM or WAV file is missing, this may indicate that a capture (or digital extraction from digital media) is required. 
The audio processing functions require that the song files be accessible via a standard file system interface. If the 
songs are located on external media or a file system that is not directly accessible to the audio processing tools, the 
files are first be copied to an accessible file system. If the songs are in digital format but on CD or Digital Tape, they 
are extracted to a file system accessible to the audio processing tools. Once the files are accessible, the Work Flow 
Manager User Interface 700 is used to specify or select the path and filename for the job so that it can be released to 
"the watermarking process, assuming all other information required for watermarking has also been specified. 

3. Automatic Metadata Acquisition Process 803 

[0218] The Automatic Metadata Acquisition Process 803 performs a series of queries to the Database 160 of the 
Content Provtder(s) 1 01 or a staging database where data has been imported, in an attempt to obtain as much of the 
product information as possible in an automated fashion. The Automatic Metadata Acquisition Process 803 requires 
the following Information prior to allowing items to be placed on its queue: 

• database mapping table with adequate information to generate queries to the Database 1 60 of the Content Provider 
(s) 101 

• product information required to perform queries 

• adequate product information to uniquely define product 

[021 9] An automated query is performed to the Database 1 60 of the Content Provider(s) 1 01 to obtain the information 
necessary to process this Content 1 1 3. For example, if the Content 113 is music, the information needed to perform 
this query could be the album name or may be a UPC or a specific album or selection ID as defined by the Content 
Provider(s) 101. Of the information to be obtained, some is designated as required (see the section on Automatic 
Metadata Acquisition Process 803 for details). If ail required information is obtained, the job is next queued for Usage 
Conditions Process 805. If any required information is missing, the song is queued for Manual Metadata Entry Process 
804. If any jobs in the Products Awaiting Action/Information Process 801 queue are waiting for any of the information 
obtained in this step, the jobs status is updated to indicate that it is no longer waiting for this information. If that job no 
longer has any outstanding requirements, it is queued to the next defined queue. 

4. Manual Metadata Entry Process 804 

[0220] The Manual Metadata Entry Process 804 provides a means for an operator to enter missing information. It 
has no dependencies. Once all required information is specified, the job is queued for Usage Conditions Process 805. 
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• quality levels for product (could be preconfigured) 

• compression algorithm (could be preconfigured) 

• product genre (if required by preprocessor) 

[0228] Upon completion of the encoding process, the jobs are queued to the Content Quality Control Process 81 0 
if configured by the work flow rules. If not, the jobs are queued for Encryption Process 811 
; [0229] If third party providers of encoding tools do not provide a method to display the percentage of the Content 
113, such as audio, that has been processed or a method to Indicate the amount of Content 1 1 3 that has been encoded 
as a percentage of the entire selection of Content 113 selected, In FIG. 11 there is shown a flow diagram 1100 of a 
method to determine the encoding rate of Digital Content for the Content Preprocessing and Compression tool of FIG 
8. The method begins with the selection of the desired encoding algorithm and a bit rate, step 1 1 01 . Next a query is 
made to determine If this algorithm and encoding rate has a previously calculated rate factor, step 1 1 02 The rate factor 
is the factor used to determine the rate of compression for a specific encoding algorithm and a specific bit rate If no 
previously calculated rate factor is stored, a sample of the Content 11 3 is encoded for a predetermined amount of time 
The predetermined period of time in the preferred embodiment is a few seconds. This rate of encoding for a predeter- 
mined penod of time Is used to calculate a new rate factor RNEW. Calculating a new rate factor RNEW knowlna the 
amount of t me and the amount of Content 113 encoded is RNEW = (length of Digital Content encoded)/(amount of 
* 113 ' S enC ° ded and the encodl "9 status is displayed using the previously calculate rate 
factor RNEW, step 1109 This encoding rate factor RNEW is then stored, step 1107, for future use for this encoding 
algorithm and encoding bit rate. If the selected algorithm has a previously calculatedl-ate factor RSTORED step 1 103 
The Content 1 13 is encoded and the progression displayed using the previously calculated rate factor RSTORED steo 
11 04. In the meantime, a current rate factor, Rcurrent is calculated for this selected algorithm and bit rate step \ 1 05 
This current rate factor Rcurrent is used to update the stored rate factor RNEW = AVERAGE OF (RSTORED + RCUR ' 
RENT), step 1106. The iterative update of the rate factor enables the determination of the encoding rate to become 
■ S r r ?T te f With eaCh subsequent use for a Particular encoding algorithm and bit rate. The new rate 
RNEW is then stored for future use, step 11 07. The updating of RSTORED may not be made if the current rate factor 

curren t 's out range for the previously stored rate factor RSTORED by a given range or threshold 
[0230] The display of the encoding status can then be presented. The encoding status includes along with the current 
encoding rate, the display of the percentage of the total Content 113 displayed as a progression bar based on the 
encoding rate and the total length of thef lie forthe Content 113. Theencoding status can also include the time remaining 

R °r, m B e c n ^K n9 t K T ! , Vi? a T 3 '" 1 " 9 f ° r the enCOdin9 can be calculated ^ dividing the encoding rate calculated 
RCURRENT by the total length of the file for Content 1 1 3. The encoding status can be transferred to another program 
: ,that may .nvoke the calling process. This can help supervisory programs to encoding or co-dependent programs on 
encoding be operated and be batched for processing more efficiently, it should be understood, in an alternative em- 
bodiment, that encoding can include the step of watermarking. 

1 0. Content Quality Control Process 81 0 

[0231] The Content Quality Control Process 81 0 is similar in function to the Supervised Release Process 806 It is 
an optional step allowing someone to validate the quality of the content processing performed thus far. This has no 
dependencies other than completion of the Watermarking Process 808 and the encoding portion of the Preprocessing 
and Compression Process 809. Upon completion of the Content Quality Control Process 81 0 the following options are 

available: 

♦ the jobs can be released and queued for Encryption Process 811 . 

• comments can be attached and one or more of the jobs re-queued for Preprocessing and Compression Process 
809. 

[0232] The last option requires that the unencoded watermarked version of the song file remain available until after 
Content Quality Control Process 810. 1 dller 

1 1 . Encryption Process 811 

[0233] The Encryption Process 8 1 1 calls the appropriate Secure Digital Content Electronic Distribution Rights Man- 
agement function to encrypt each of the watermarked/encoded song files. This process has no dependencies other 
than completion of all other audio processing. Upon completion of the Encryption Process 811 process the fob is 
queued for Content SC(s) Creation Process 812. J 
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on its way to step Before (the Metadata SC(s) Creation Process 807) 

[ needs the encryption keys J. 
coming from step Before (the Metadata SC(s) Creation Process 807) 

on its way to either step A3 (the Final Quality Assurance Process 813) or step A4 (the Content Dis- 
5 persement Process 814) 

[ needs the Content SC(s) 630]. 
coming from step C1 (the Watermarking Process 808) 

on its way to step C2 (the Preprocessing and Compression Process 809) 

[ needs the metadata for Preprocessing and Compression Process 809]. 
io coming from step C4 (the Encryption Process 811) 

on its way to step C5 (the Content SC(s) Creation Process 812) 

[ needs the metadata for Content SC(s) 630 Packing ]. coming from step C5 (the Content SC(s) Cre- 
ation Process 812) 

on its way to either step A3 (the Final Quality Assurance Process 813) or step A4 (the Content DIs- 
15 persement Process 814) [ needs the Metadata SC(s) 620 ]. 

A3: After step A3 (the Final Quality Assurance Process 813), 

place onto queue B2 (Manual Metadata Entry Process 804), 
or place onto queue B3 (Supervised Release Process 806), 
or place into queue as required by the quality assurance operator. 
20 A4: After step A4 (Content Dispersement Process 814), 

the Work Flow Manager Tool 154 is done for this product. 
B1 : After step B1 (the Automatic Metadata Acquisition Process 803), 

if the metadata needed for step C1 (the Watermarking Process 808) is present, then place an entry 
representing this product onto queue C1 . 
25 (do the following logic also) 

if either 1 - any required metadata is missing, or 2- there are comments directed to the manual metadata 
providers, then also place the product onto queue B2 (Manual Metadata Entry Process 804), 

else if supervised release was requested for this product, then place the product onto queue B3 (Su- 
pervised Release Process 806). 
30 else if the product has all the information from the Content Processing Tools 1 55 for all of the requested 

quality levels, then place the product onto queue Before (the Metadata SC(s) Creation Process 807), 

else flag the product as needs the encryption keys and place the product onto queue A2 (Products 
Awaiting Action/I nfonnation Process 801). 
B2: During step B2 (Manual Metadata Entry Process 804), 

35 if step C1 (the Watermarking Process 808) has not been done and the metadata needed for step C1 

is present, then place an entry representing this product onto queue C1 . 
(do the following logic also) 

if metadata needed for step C2 the Preprocessing and Compression Process 809)just been provided, 

then 

4 o (do the following logic also) 

if all the metadata that can be gathered by the Metadata Assimilation and Entry Tool 161 is present, 
then if supervised release was requested for this product, then place the product onto queue B3 (Supervised 
Release Process 806) 
else 

45 if all the information from step C4 (the Encryption Process 81 1 ) of the Content Processing Tools 1 55 

is present, then place this product onto queue Before (the Metadata SC(s) Creation Process 807) 

else flag the product as needs the encryption keys and place this product onto queue A2 (Products 
Awaiting Action/Information Process 801). 
else 

50 if the metadata provider requested a forced supervised release, then place the product onto queue 

B3 (Supervised Release Process 806) 

else do nothing (keep the product on queue B2 (Manual Metadata Entry Process 804)). 
B3: During step B3 (Supervised Release Process 806), 

if this operator is sending the product back to step B2 (Manual Metadata Entry Process 804), then 
55 place the product on queue B2. 

else if this operator released the product, then 

if all the information from step C4 (the Encryption Process 811) of the Content Processing Tools 
155 is present, then place this product onto queue Before (the Metadata SC(s) Creation Process) 
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• Supervised Release Tool 

S!n 11 ™ese toolsenable Content Provider(s) 101 to implement the processes described above for Work Flow 
Manager 154. Tools described here are a toolkit based on Java in the preferred embodiment but oZZZZmmZ 
languages such as C/C++, Assembler and equivalent can be used. programming 

.1 . Automatic Metadata Acquisition Tool 

E2L AUt ° m ^o "!f etadata Ac " ulsftlon To01 P rovlde * a user the ability to implement the Automatic Metadata 
-JSSJS r VTo b6d ab0VS - ThS AUt0mat,C Metadata Acquisition Tool Is used to access the DatebaS 

mloiJ „ « Prov.derfs) 101 andto retrieve as much data as possible without operator assistance. inSatio* 
to^nl th T V! aut ° mate this Process. The Content Provider(s) 101 can tailor the default metadata temp S 
VT^kJ ^u*" C ° ntent Prov,der ( s ) 1 °1 wants ^ P^ide to End-Userfs) (e.g.. composer proXeT 

Co^t^ 

wS h S Tl 3 ^ ,f " reS associated with thls artls t>- The default metadata template includes data fiel* 

HI il ? q b/ End - UserDevic e(s) 1 09, data fields which can be optionally provided to the End-UserDevice 

Sum Zor^e. ^ " *" ,ie ' dS ' * ^ 1 ° 3 ' »« 

"EESL T ° " rt ^?* etom P' ato data fields from the Database 160 of the Content Providers) 101 the Automatic Meta- 
?J T 8 teble that mapS the * PB 01 data < ea - com P° ser . P"*«»r, a biography ofTelJttSto 

ma D r^ a n h r f n tH h9 databaSe WherS th6 data Ca " be f0Und - Each of * 9 Providers) 1 01 JeTp speS IS 

mapping table for their environment. H »H«swiy inm 

•SSIShJlT Aut0mati ° Metadata Ac °- Ufei «°n Tool uses a metadata template of the Content Provider(s) 1 01 and map- 
ping table to acqu.re whatever data is available from the Databases 1 60 of the Content Providers) 1 01 The status of 
.each product « updated with the result of the Automata Metadate Acquisition Process 803^^^ 
an^requrreddatarsqueuedforManualMetadata Entry Pi~804.« rt h^tto«^^ Jp^^.S^ 

2. Manual Metadata Entry Tool 

£245] The Manual Metadata Entry Tool provides a userthe ability to implement the Manual Metadata Entry Process 
T ? 6 ManUa ' Metadata Entry T ° 01 a " 0WS an * P r °P erl V authorised orator to provide the mTsZ 

an VZtZTZ H erm r 6S miSSin9 d3ta ' S unavailable > the operator can attach a comment to the ™durf 

a rodu!?ri, P r f S f ■ The C ° ntent ProvWw « 1°1 "ay squire, for quality assurance reasons, that the 

produc undergo supemsed release. Once all the required data is present, and if supervised release has not been 
requested, then the product is available for packing into a Metadata SC(s) 620. 

3. Usage Conditions Tool 

C ° nditi0, ; s I 001 Pr° vides a use r the ability to implement the Usage Conditions Process 805 de- 
sc bed above. The process of offering Content 113 for sale or rent (Limited use), using electronic delivery, involves a 
series of business demons. The Content Provider(s) 101 decides at which compression level(s) the cStenTm is 
Z^ZT, ^ COm P ressed wooded version of the Content Hs'one or more u Ige Conors a e 

S^^SE iTs nes the ri9hts of the End - User(s) - and any — « *• - 

itta2dte^r P rluct ment Pr ° CeSSin9 T00 ' S 155 ' 3 S6t ° f 1,8396 C ° nditl0nS (End - User(S > ^ a " d restrictions) is 

A usage condition defines: 

1 . the compression encoded version of the Content 113 to which this usage condition applies " 

2. the type of user covered by this usage condition (e.g., business, private consumer) 

3. whether this usage condition allows for the purchase or the rental of the Content 1 1 3. For a rental transaction: 

• the measurement unit which is used to limit the term of the rental (e.g., days plays) 

• the number of the above units after which the Content 113 will no longer play. 
For a purchase transaction: 

• the number of playable copies the End-User(s) is allowed to make. 
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product ID [src: content provider;] 

[dest: everybody;] 
licensor label company [dest: EMS; end-user;] 

licensee label company [dest: EMS; end-user;] 

source (publisher) of this object 

(sublicensee label company) [dest: everybody;] 

type of object (i.e., a single object or an array of objects) 
object ID [dest: everybody;] 

International Standard Recording Code (ISRC) 

International Standard Music Number (ISMN) 



usage conditions (src: concent provider; dest: EMS, end-user, 
Clearinghouse (si 105) 

purchased usage conditions (src: EMS; dest: end-user, CiearingHouse [ s ) 

105) 
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title of song 
principal artist (s) 

} 

a pointer to { 

the artwork (e.g., album cover); 

the format of the artwork £e.g;, GIF, JPEG); 



optional info: 



an array of additional information { 
composer 
publisher 
producer 
sidernen 

date of recording 
date of release 
lyrics 

track name (description) / track length 

list of albums on which this recording appears 

genre (s) 

} 

metadata 2 <src: content provider; dest: EMS) 

an array of structures, each representing different quality levels of 
the same sound recording 

{ 

the sound recording; 

the quality level of the sound recording; 

the size (in bytes) of the (probably compressed) sound recording; 

> 

metadata 3 (src: content provider; dest: EMS, end-user) 
optional info: 

promotional material: 

a pointer to artist promotion material { 
a URL to the artist's web site; 
background desc r ipt ion ( s ) of the artist (s) ; 
artist-related interviews (along with format of the 
interview (e.g., text, audio, video)); 
- reviews (along. with format of the reviews (e.g., text, 

audio, video) ) ; 

sample clips (and its format and compression level); 
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queue may be required if the tool does not report terminating status. 

[0253] A generic version of the Content ProcessingTools 1 55 is described, but customisation is possible. The Content 
Processing Tools 155 can be written in Java, C/C-w- or any equivalent software. The Content Processing Tools 155 
can be delivered by any computer readable means including diskettes, CDS or via a Web site. 

1 . Watermarking Tool 

[0254] The Watermarking Tool provides a user the ability to implement the Watermarking Process 808 as described 
above. This tool applies copyright information of the Content 113 owner to the song file using audio Watermarking 
technology. The actual information to be written out is determined by the Content Provfder(s) 101 and the specific 
watermarking technology selected. This Information is available to the front end Watermarking Tool so that it can prop- 
erly pass this information to the watermarking function. This Imposes a synchronisation requirement on the Metadata 
Assimilation and Entry Tool 1 61 to assure that it has acquired this information prior to, for example, allowing the song's 
audio file to be processed. This song will not be available for audio processing until the watermarking information has 
been obtained. 

[0255] The watermark is applied as the first step in audio processing since it is common to all encodings of the song 
created. As long as the watermark can survive the encoding technology, the watermarking process need only occur 
once per song. 

[0256] Various watermarking technologies are known and commercialiy available. The front end Watermarking Tool 
though is capable of supporting a variety of industry Watermarking Tools. 

2. Preprocessing and Compression Tool 

[0257] The Preprocessing and Compression Tool provides a user the ability to implement the Preprocessing and 
Compression Process 809 as described above. Audio encoding involves two processes. Encoding is basically the 
application of a lossy compression algorithm against, for a music content example, a PCM audio stream. The encoder 
can usually be tuned to generate various playback bit stream rates based on the level of audio quality required. Higher 
quality results in larger file sizes and since the file sizes can become quite large for high quality Content 113, download 
times for high quality Content 113 can become lengthy and sometimes prohibitive on standard 28,800 bps modems. 
[0258] The Content Providers) 101 may, therefore, choose to offer a variety of digital content qualities for download 
to appease both the impatient and low bandwidth customers who don t want to wait hours for a download and the 
audiophile or high bandwidth customers who either only buys high quality Content 1 1 3 or has a higher speed connection. 
[0259] Compression algorithms vary in their techniques to generate lower bit rate reproductions of Content 113. The 
techniques vary both by algorithm (i.e. MPEG, AC3, ATRAC) and by levels of compression. To achieve higher levels 
of compression, typically the data is re-sampled at lower sampling rates prior to being delivered to the compression 
algorithm. To allow for more efficient compression with less loss of fidelity or to prevent drastic dropout of some fre- 
quency ranges, the digital content may sometimes require adjustments to equalisation levels of certain frequencies or 
adjustments to the dynamics of the recording. The content preprocessing requirements are directly related to the com- 
pression algorithm and the level of compression required. In some cases, the style of Content 1 1 3 (e.g. musical genre) 
can be successfully used as a base for determining preprocessing requirements since songs from the same genre 
typically have similar dynamics. With some compression tools, these preprocessing functions are part of the encoding 
process. With others, the desired preprocessing is performed prior to the compression. 

[0260] Besides the downloadable audio file for sale, each song also has a Low Bit Rate (LBR) encoded clip to allow 
the song to be sampled via a LBR streaming protocol. This LBR encoding is also the responsibility of the Content 
Processing Toots 155. This clip is either provided by the Content Providers) 101 as a separate PCM file or as param- 
eters of offset and length. 

[0261] As with watermarking, it is hoped that the encoding tools can be loaded via a DLL or command line system 
call interface and passed all the required parameters for preprocessing and compression. The front end Encoding Tool 
may have a synchronisation requirement with the Metadata Assimilation and Entry Tool 1 61 , for example if the content 
is music, and if it is determined that the song's genre is acquired from the Database 160 of the Content Provider(s) 
prior to performing any audio preprocessing. This depends on the encoding tools selected and how indeterminate the 
genre forthe song is. If the Content Provider(s) 101 varies the choice of encoded quality levels per song, this information 
is also be provided prior to the encoding step and agrees with the metadata being generated by the Metadata Assim- 
ilation and Entry Tool 161. 

[0262] A variety of high quality encoding algorithms and tools are known today. The front end Encoding Tool though 
is capable of supporting a variety of industry encoding tools. 

[0263] Turning now to FIG. 12 is shown a flow diagram of one embodiment for the Automatic Metadata Acquisition 
Tool of FIG. 8 according to the present invention. The process starts with reading an identifier from the media the 
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as a metadata file to be included in the Metadata SC(s) 620. 
F. Final Quality Assurance Tool 

[0270] The Final Quality Assurance Tool provides a user the ability to implement the Final Quality Assurance Process 

813 as described above. Once all the SC{s) have been built for a content file, the content is available for a final quality 
assurance check. Quality assurance can be performed at various stages of the Content 113 preparation process. The 
Content Providers) 1 01 can choose to perform quality assurance as each major step Is completed to prevent excessive 
rework later or may choose to wait until all audio preparation processes are complete and perform quality assurance 
on everything at once. If the latter is chosen, quality assurance is performed at this point upon completion of the creation 
of the SC(s). This tool allows each SC(s) for the song to be opened, examined, and the audio played. 

[0271] Any problem discovered, even minor text changes requires that the SC(s) be rebuilt due to internal security 
features of SC(s). To avoid unnecessary re-processing time, it is highly recommended that the interim quality assurance 
steps be utilised to assure accuracy of the metadata and that this specific quality assurance step be reserved for 
validating appropriate cross references between the SC(s) associated with this song. If problems are found, the assurer 
can enter a problem description to be attached to the song and have it re-queued to the appropriate processing queue 
for reprocessing. Status is updated appropriately in the Work Flow Manager 154 to indicate the status of all related 
components of the song. If no problems are discovered, the Content 113 is marked or flagged as ready for release. 

G. Content Dispersement Tool 

[0272] The Content Dispersement Tool provides a user the ability to implement the Content Dispersement Process 

814 as described above. Once the Content 113 has been approved for release, the SC(s) for the Content 113 are 
placed in the queue of the Content Dispersement Process. The Content Dispersement Tool monitors the queue and 
..performs immediate transfer of the SC(s) files or batch transfer of a group of SC(s) files based on the configuration 
settings provided by the Content Provider(s) 1 01 . The Content Provider(s) 1 01 can also optionally configure the Content 
Dispersement Tool to automatically hold all SC(s) in this queue until they are manually flagged for release. This allows 
the Content Provider(s) 101 to prepare content in advance of their scheduled release date and hold them until they 
wish to release them e.g., a new song, movie or game. The SC(s) can also control access to Content 1 1 3 based on a 
defined release date so there is no requirement for the Content Providers) 101 to actually hold up delivery of the SC 

, v (s) but this manual release option can still be used for this purpose or used to manage network bandwidth required to 
, transfer these large files. 

.[0273] When flagged for release, the Content SC(s) 630 for the Content 1 1 3 are transferred via FTP to the designated 
ContentHosting Site(s) 111 . The Metadata SC(s) 620 is transferred via FTP to the Content Promotions Web Site 156 
Here the SC(s) are staged to a new Content 113 directory until they can be processed and integrated into the Content 
Promotions Web Site 156. 

[0274] FIG. 1 7 is a flow diagram of an alternate embodiment to automatically retrieve additional information for the 
Automatic Metadata Acquisition Tool of FIG. 8 according to the present invention. The process is similar for that de- 
scribed in FIG. 8 above. However, the quality checks of Supervised Release 806 and Content Quality Control 809 are 
combined into one quality check called Quality Control 1 704. Performing quality checks prior to Metadata SC Creation 
807 and Content SC Creation 812. Performing quality check prior to SC creation, eliminates the steps of unpacking 
the Content 1 1 3 and the associated Metadata SC(s) 620. In addition, in this embodiment, the queue of Products Await- 
ing Action/Information 801 have been eliminated. The jobs are placed on the specific process queues depending on 
what action is being requested. For example, if the job requires Manual Metadata, i.e. additional Metadata to be entered 
the job is place on the Manual Metadata entry queue. Also the Automatic Metadata Acquisition 803 has been merged 
with New Content Request to occur up front prior to the Metadata Assimilation and Entry Tool 161 and the Content 
Processing Tool 155. Finally, it is important to point out that the Usage Conditions 804 are entered both at the Automatic 
Metadata Acquisition 803 and during the Manual Metadata Entry 803. Since, many of the usage conditions can be 
automatically filled-in during the Automatic Metadata Acquisition 803 step. 

H. Content Promotions Web Site " f ^ 

[0275] To most effectively disperse information on what the Content Provider(s) 1 01 is making available for sale via 
digital download, and to get the necessary files to the Electronic Digital Content Store(s) 103 to enable it to make this 
Content 113 available for download to its customers, each Content Providers) 101 should have a secure web site 
housing this information. This is similar to the method used today by some Content Provider(s) 1 01 to make promotional 
content available to their retailers and others with a need for this information. In the case where this type of service 
already exists, an additional section can be added to the web site where Electronic Digital Content Store(s) 103 can 
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[0285] The End-User Device(s) 109 initiates the request for a Content SC(s) 630 by sending the License SC(s) 660 
to the Content Hosting Site(s) 111. This is the same License SC(s) 660 returned by the ClearingHouse(s) 105. The 
Digital Signature of the License SC(s) 660 can be verified to determine if it is a valid License SC(s) 660. If it Is a valid 
License SC(s) 660 either the download is initiated, or the download request may be redirected to another Content 
5 Hosting Site(s) 111. 

2. Content Hosting Site(s) 111 provided by the Secure Digital Content Electronic Distribution System 100 

[0286] For the Secure Digital Content Electronic Distribution System 1 00 the decision of which site should be used 
10 to download the Content 11 3 is made by the primary content site that received the initial request for a Content SC(s) 
• 630. This site uses the following information to make this decision: 

* Are there secondary content sites that host the Content 113 requested? (The majority of Content 113 offered by 
the Secure Digital Content Electronic Distribution System 100 is only located at primary sites); 
is • Where is the End-User Device(s) 109 geographically located? (This information can be obtained from the End- 
User Device(s) 1 09 when the request is initiated at the End-User Device(s) 1 09, this is passed up to the Clearing- 
House(s) 1 05 In the Order SC(s) 650; 
s • Is the appropriate secondary site up and operational? (Sometimes the secondary sites may be off-line); 
. • What is the load of the secondary sites? (In some cases where a secondary site is swamped with activity another 
20 site that is'less busy may be selected. 

[0287] Before transmitting the Content SC(s) 630 to the End-User Device(s) 1 09, analysis and verifications are per- 
formed on the End-User's request. A database is kept of all of the License SC IDs that have been used to download 
Content 113. This database can be checked to ensure that the End-User Device(s) 109 only makes one request for 
25 each piece of Content 1 1 3 purchased. This prevents malicious users from repeatedly accessing the Content Hosting 
Site(s) 111 in hopes of slowing down the Content Hosting Srte(s) 111 and prevents unauthorised download of the 
Content SC(s) 630. 

[0288] The promotion and demotion of Content 113 to the Secondary Content sites is done periodically based on 
customer demand for the individual pieces of Content 113. 

30 

Content Hosting Router 

. [Q289] The Content Hosting Router (not shown) resides In the Content Hosting Srte(s) 111 and receives all requests 
from End-User(s) wanting to download Content 113. It performs validation checks on the End-User(s) request to ensure 
35 they indeed bought the Content 113. A database is maintained on the status of the Secondary Content Sites that 
includes what Content 113 is on them and their current status. This current status includes the amount of activity on 
the sites and whether a site is down for maintenance. 

[0290] The only interface to the Content Hosting Router is the License SC(s) 660 that is sent by the End-User Device 
(s) 109 when Content 113 is required to be downloaded. The License SC(s) 660 includes information that indicates 
40 the user is allowed to download the Content 1 1 3. 

Secondary Content Sites 

[0291] The Secondary Content Sites (not shown) host the popular Content 113 of the Secure Digital Content Distri- 
45 button System 1 00. These sites are geographically dispersed across the world and are located near Network Access 
Points (NAPs) to improve download times. These sites are added to the system as demand on the primary Content 
Hosting Site(s) 111 nears maximum capacity 

IX. ELECTRONIC DIGITAL CONTENT STORE(S) 

50 

A. Overview - Support for Multiple Electronic Digital Content Store(s) 103 

[0292] Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities who market the 
Content 1 1 3 to be distributed to the customer. For distribution of Content 1 1 3, this would include Digital Content Retailing 
55 Web Sites, Digital Content Retail Stores, or any business who wishes to get involved in marketing electronic Content 
113 to consumers. These businesses can market the sale of electronic Content 113 only or can choose to just add the 
sale of electronic goods to whatever other merchandise they currently offer for sale. Introduction of downloadable 
electronic goods into the service offering of the Electronic Digital Content Store(s) 103 is accomplished via a set of 
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create the files required to reference these downloadable objects as items in their own inventory. This process is batch 
driven and can be largely automated and is executed only to integrate new Content 113 into the site. 
[0300] The tools for the Secure Digital Content Electronic Distribution have been designed to allow integration of 
sale of electronic downloadable Content 1 1 3 into typical implementations of web based Electronic Digital Content Store 
(s) 103 (i.e. Columbia House online, Music Boulevard, ©Tower) and equivalent with minimal change to their current 
Content 113 retailing paradigm. Several methods of integration are possible and in the preferred embodiment, the 
Electronic Digital Content Store(s) 1 03 provides support for all product searches, previews, selections (shopping cart) 
and purchases. Each Electronic Digital Content Store(s) 1 03 establishes customer loyalty with its customers and con- 
tinues to offer its own incentives and market its products as it does today. In the Secure Digital Content Electronic 
Distribution System 1 00, it would simply need to indicate which products in Its inventory are also available for electronic 
download and allow its customers to select the electronic download option when making a purchase selection. In 
another embodiment, the customer's shopping cart could contain a mixture of electronic (Content 113) and physical 
media selections. After the customer checks out, and the Electronic Digital Content Store(s) 103 has completed the 
financial settlement and logged or notified its shipping and handling functions to process the physical merchandise 
purchased, the commerce handling function of the Electronic Digital Content Store(s) 1 03 then calls the Transaction 
Processor Module 175 to handle all electronic downloads. It simply passes the required information and all processing 
from that point on is handled by the toolset for the Secure Digital Content Electronic Distribution System 100. In another 
embodiment, other methods of transaction handling are also possible using tools for the Secure Digital Content Elec- 
tronic Distribution System 100 to handle the financial settlement should the Electronic Digital Content Store(s) 103 
wish to sell downloadable merchandise only or to segregate the financial settlement of physical and downloadable 
merchandise. 

[0301] To handle the downloading of merchandise, the Electronic Digital Content Store(s) 103 is given a Product ID 
(not shown) for each downloadable product that it acquires from the Content Promotions Web Site 1 56 for the Content 
Providers) 101 . This Product ID is associated to a customer's purchase selection to the downloadable product. The 
Product ID is what the Electronic Digital Content Store(s) 103 passes to the Transaction Processor Module 175 to 
identify the product that the user has purchased. The SC(s) (Offer SC(s) 641 ) that were created to describe the products, 
are isolated from the Electronic Digital Content Store(s) 1 03 and kept in an Offer Database 1 81 in an effort to simplify 
management of these objects and make their existence transparent to the Electronic Digital Content Store(s) 1 03. 
[0302] The Transaction Processor Module 1 75 and other additional functions are provided as web server side exe- 
cutables (i.e. CGI and NSAPI, ISAPI callable functions) or simply APIs into a DLL or C object library. These functions 
handle run time processing for End-User(s) interactions and optional interactions with the ClearingHouse(s) 1 05. These 
functions interact with the web server's commerce services to create and download to the End-User Device(s) 1 09 the 
files necessary to initiate the Content 113 download process. They also handle optional interactions to provide author- 
isattonsrand accept notifications of completion of activities. 

[0303] An Accounting Reconciliation Tool 1 79 is also provided to assist the Electronic Digital Content Store(s) 1 03 
in contacting the ClearingHouse(s) 105 to reconcile accounts based on its own and the transaction logs of the Clear- 
ingHouse(s) 105. 

2. Content Acquisition Tool 1 71 

[0304] The Content Acquisition Tool 1 71 is responsible for interfacing with the Content Promotions Web Site 1 56 to 
preview and download Metadata SC(s) 620. Since the Content Promotions site is a standard web site, a web browser 
is used by the Electronic Digital Content Store(s) 103 to navigate this site. The navigation features varies based on 
the site design of the Content Provider(s) 1 01 . Some sites may provide extensive search capabilities with many screens 
of promotional information. Others may have a simple browser interface with lists of titles, performers or new releases 
to select from. All sites include the selection of Metadata SC(s) 620 containing all the promotional and descriptive 
information of a song or album. 

[0305] Alternatively, the Electronic Store(s) 1 03 may subscribe to content updates and receive updates automatically 
via FTP. 7 

Viewing Metadata 

[0306] The Content Acquisition Tool 1 71 is a web browser helper application which launches whenever a Metadata 
SC(s) 620 link is selected at the Content Promotions Web Site 156. Selection of the SC(s) causes it to be downloaded 
to the Electronic Digital Content Store(s) 103, and launch the helper application. The Content Acquisition Tool 171 
opens the Metadata SC(s) 620 and display the non-encrypted information contained therein. Displayed information 
includes Extracted Metadata 173, for a music example, the graphic image(s) associated with the song and the infor- 
mation describing the song, a preview clip of the song can also be listened to if included in the Metadata SC(s) 620. 
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[0313] Once the Offer SC(s) 641 is created, it is stored in an Offer Database 1 81 and is indexed with the Product ID 
pre-assigned in the Metadata SC(s) 620. This Product ID is used later by the Electronic Digital Content Store(s) 103 
to identify the downloadable Content 113 being purchased by a customer when interfacing with the Offer Database 
181 to retrieve the Offer SC(s) 641 for packaging and transmittal to the End-User(s). See the Transaction Processor 
Module 175 section for more details. 

[0314] In another embodiment, the Electronic Digital Content Store(s) 103 hosts the Content SC(s) 641 at his site. 
This embodiment requires changes to the Offer SC(s) 641 such as the replacement of the U RL of the Content Hosting 
Site(s) 111 with the URL of the Electronic Digital Content Store(s) 103. 

3. Transaction Processing Module 1 75 

[0315] Electronic Digital Content Store(s) 103 directs billing to ClearingHouse(s) 105. Alternatively, the Electronic 
Digital Content Store(s) 103 may request financial clearance direct from the ClearingHouse(s) 105. There are two basic 
modes for processing End-User(s) purchase requests for downloadable Content 113. If the Electronic Digital Content 
Store(s) 1 03 does not wish to handle the financial settlement of the purchase and has no special promotions or incen- 
tives governing the sale of the merchandise and does not use a shopping cart metaphor for batching the purchase 
requests, it may opt to provide links on its Content 113 download pages directly to the Offer SC(s) 641 files. These 
Offer SC(s) 641 would have to have been built with retail pricing information included in the metadata. Also included 
in the Offer SC(s) 641 is a special HTML offer page presenting the purchase options with terms and conditions of the 
sale. This page is built from a template created when the Offer SC(s) 641 was built. When the End-User(s) clicks on 
the direct link to the Offer SC(s) 641, the Offer SC(s) 641 is downloaded to the browser End-User Device(s) 109 
launching a helper application which opens the container and present the offer page included in the Offer SC(s) 641 . 
This page contains a form to collect customer information including credit card information and purchase option selec- 
tion. The form then gets submitted directly to the ClearingHouse(s) 105 for financial settlement and processing. Op- 
tionally, this form may contain the fields needed to use the End-User(s)' credit information or industry standard local 
transaction handler. 

[0316] An embodiment where the Electronic Digital Content Store(s) 1 03 handles billing is now described. The more 
typical mode of handling purchase requests is to allow the Electronic Digital Content Store(s) 103 to process the fi- 
nancial settlement and then submit the download authorisation to the End-User(s). This method allows the Electronic 
Digital Content Store(s) 103 to integrate sale of downloadable Content 113 with other merchandise offered for sale at 
his site, allows batch processing of purchase requests with only one consolidated charge to the customer (via a shop- 
ping cart metaphor) instead of individual charges for each download request, and allows the Electronic Digital Content 
^Store(s) 103 to directly track his customers buying patterns and offer special promotions and club options. In this 
"environment, the offer of downloadable Content 113 is included in his shopping pages which get added to a shopping 
cart when selected by the End-User(s) and get processed and financially settled as is done in the Electronic Digital 
Content Store(s)' 103 current shopping model. Once the financial settlement is completed, the commerce handling 
process of the Electronic Digital Content Store(s) 100 then calls the Transaction Processor Module 175 to complete 
the transaction. 

Transaction Processor Module 1 75 

[0317] The role of the Transaction Processor Module 1 75 is to put together the information needed by the End-User 
Devtce(s) 109 to initiate and process the download of the Content 113 purchased. This information is packaged into a 
Transaction SC(s) 640 which is sent back to the End-User Device(s) 1 09 by the Web Server as the response to the 
purchase submission. The Transaction Processor Module 1 75 requires three pieces of information from the commerce 
handling process of the Electronic Digital Content Store(s) 103: the Product IDs for the Content 113 purchased, Trans- 
action Data 642, and an HTML page or CGI URL acknowledging the purchase settlement. 

[0318] The Product ID is the value provided to the Electronic Digital Content Store(s) 1 03 in the Metadata SC(s) 620 
associated to the Content 113 just sold. This Product ID is used to retrieve the associated Offer SC(s) 641 from the 
Offer Database 181. 

[0319] The Transaction Data 642 is a structure of information provided by the transaction processing function of the 
Electronic Digital Content Store(s) 103 which is later used to correlate the ClearingHouse(s) 105 processing with the 
financial settlement transaction performed by the Electronic Digital Content Store(s) 103 and to provide user identity 
information to be included in the watermark of the Content 113 downloaded to the End-User Device(s) 109. When the 
ClearingHouse(s) 1 05 receives a valid Order SC(s) 650, it logs a transaction indicating the Content 1 1 3 that was sold, 
which Electronic Digital Content Store(s) 1 03 sold it and the associated Transaction Data 642 including the End-User's 
Name and a Transaction ID 535. The Transaction ID 535 provides a reference to the financial settlement transaction. 
This information is later returned by the ClearingHouse(s) 1 05 to the Electronic Digital Content Store(s) 1 03 for use In 
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flows 1 00 but are provided as options to allow the Electronic Digital Content Store(s) 1 03 the opportunity to close Its 
records on the sanction of completion of thesale.lt also provide, Wonnatlonthatn^bone^^^cuSlS 

Z!Z 7^ ? <T 9 , E,eCtr ° niC D ' 9ltal C ° ntent S10r6(s ) 1 03 know what ft"«o~ ^ve Csptd sS 
iri ^i TT t tra " saction or what e ™ rc ^ring an attempt to complete the sale AtonSEoJ 

deeded ^ ^ ^ Clearin 9 House < 8 > 1 05 th ™9" the Customer Service Interface 18^ 

ESS o F, ; eq " e D nCy ° f " ot f ' catlon of ™w Content 113 available at the Content Promotions Web Site 156 is determined 
by the Content Providers) 101. Notification may be provided as each new Metadata SC(s) 620 is added or lusTS 
with all new Metadata SC(s) 620 added that day. J V 

All of these notifications result in entries being made to the Transaction Log 178. If the Electronic Dioital 
Content Store(s) 103 wishes to perform his own processing on these notifications, he canintercept the cS^ 
his un,que function and then optionally pass the request on to the Notification Interface Module 1 76. 

5. Account Reconciliation Tool 1 79 

D 5?2 ™ S . ACO ° Unt Reconciliation Tool 1 79 contacts the ClearlngHouse(s) 1 05 to compare the Transaction Loc 1 78 

^^m£TT7?S 105 h ? ,s 18 an op,,onal process whlch fe available * he| p "^SSSiowS 

Content Store(s) 103 feel comfortable wrth the accounting for the Secure Digital Content Electronic Distribution System 

ESUL 1n / an **? ^"odiment, this tool can be updated to provide electronic funds transfers for automated periodic 
, PrOVider(S> 101 and the Cleari "9House(s) 105. It can also be designed to automaS 
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C. Broadcast Electronic Digital Content Distribution Service 

Sth B c!f m St P n marih f ? ferS t0 3 006 10 many Emission method where there is no personal interaction be- 
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and hstemng. Th.s s typ.cally P rov.ded over a digital satellite or cable infrastructure where the Content 113 is preoro 
grammed so that all End-User Device(s) 109 receive the same stream. P P 

SS 3 V A hybrid m ° del Ca " alS ° be def ' ned SUCh 1031 an ^' ectronic Digital Content Store(s) 103 provides a dioital 

?Hl UCh a ^ th3t il Can ° ffer b0th a Web distributlon interface vL an Internet cTnecC 
as well as a h.gher bandwidth satellite or cable distribution interface via a broadcast service, with a great deal of 
commonalrty to the site design. If the IRD back -channe. serial interface were connected to theTa*. and the'RD 
supported web navigat.on. the End-User(s) could navigate the digital content service in the usual way via the back 

'" te 7 et ;" t ff C6 ' P / eVieWin9 3nd Se ' eCting C ° ntent 113 10 pUrChaSe - 706 userca " •-«* ^gh qua S ^down- 
loadable Content 113, purchase these selections, and receive the required License SC{s) 660 all via an Internet co^- 
n^onandthenrequestd^^ 
Thewebserv.cecanmd^^ 

SSESSST. ^ f br0ad0aStStreams based tota "V on purchased Content 113. This method would altow a 
Web ^sed digital content serv,ce to contract with a broadcast facility to deliver high quality Content 113 to usere 
SJEi -qulpr-nt making a iimited number of specific Content 1 13 (e'g. songs or CDsfavaUab^ 

th ' s u manner and the entire catalog available for download in lower quality via the web interface 
ESJL ? ' br ° adCaSt m0dels ^ be ^signed where there is no web interface to the End-User Devlce(s) 109 In 
his model, promotional content is packaged in specially formatted digital streams for broadcast delivery to il End 
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(s) with the promotional content from which purchase selections can be made 

[0335] The actual purchase selections would still be initiated via back-channel communications from the End-User 
Dev,ce(s) 09 to the CleanngHouse(s) 1 05 and wouid utilise SC(s) to perform all date exchange. The ^^JS 

loot to Sh " IC V T St ° re(S> 103 h3S bSen arChit6Cted and developed in such 9 way that most of the tools 
apply to bo ha point-to-point Internet service offering as well as a broadcast satellite or cable offering The tools used 
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,t h, t h k 0 " ! br ° adCaSt m,r . ast ™*™- Tne sc (s) distributed over a Web service are the same as those 
distributed over a broadcast service. 
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offering sets. Users select and download video-clip static-offering packages 2006 by selecting an appropriate icon 
displayed while the video clip associated with each packages 2006 is played by the Set-Top Box(es) 1 804. Users select 
and download video-catalog static offering by: (1) selecting an icon that displays the static offering catalog (i.e., an 
icon based graphical representation of the packages 2006 available in this set); (2) navigating the catalog to locate 
the desired selection; and (3) selecting the desired package. The Set-Top Box(es) 1 804 communicates with the Broad- 
cast Centre(s) 1 802 to request the broadcast of this dynamic-offering package. The Broadcast Centre(s) 1 802, collects 
all requests from the users Set-Top Box(es) 1 804 and implements a scheduling algorithm that assigns packages 2006 
to carousels and carousels to broadcast intervals. Once a dynamic offering package is assigned to a carousel (and 
therefore to a broadcast interval) it becomes a static-offering package. 

[0342] All the packages 2006 promotional material, meta-data and descriptor are collected inside a master catalog. 
The master catalog is broadcasted in a pre-set carousel. The packages 2006 belonging to the static-offering set are 
listed in a bug catalog. The bug catalog contains the following: 

• broadcast addressing and tuning information necessary to receive a package in the static offering set; 

• broadcast addressing information for to receive the video clips; 

• broadcast addressing information necessary to receive the master catalog; 

• A pointer to the package associated with the video clip that is currently being broadcasted; 

• A set of pointers representing the packages 2006 belonging to the static-offering set; 

• The master catalog version; and 

• The bug catalog version. 

Since the bug catalog contains only pointers is very compact and it can be updated and downloaded frequently. In this 
fashion the Set-Top Box(es) 1804 can be continually up to date with the state of the broadcast channel 
[0343] To build and represent the graphical user interface, the Set-Top Box(es) 1 804 downloads the master catalog 
and extracts the contained data. To download a selected package the Set-Top Box(es) 1804 tunes to the carousels 
that contains the package and then starts collecting the data associated with the package. Package data is organised 
in sections. Due to digital transmission errors, sections maybe corrupted and/or lost. Sections integrity is determined 
using CRC-32 style information. In one embodiment, the Set-Top Box(es) 1 804 gathers all the package sections over 
carousel cycles. After afl sections have been collected and re-ordered the Set-Top Box(es) 1804 re-assembles the 
package. If a separate bi-directional unicast channel (such as the Internet) is available, the Set-Top Box(es) 1 804 can 
use this = channel to collect the missing package portion. Using the latter mechanism the package download time is 
reduced significantly. 

[0344] 1 A store manager application (not shown) in Broadcast Centre(s) 1802 is used to build the video-clip static- 
offeringfvideo-catalog static-offering and the dynamic offering sets. The same application is used also to associate 
packages 2006 to carousels and determine the broadcast intervals of each carousel and each video clip. The actions 
performed by the broadcast manager application are implemented in real-time by the Broadcast Centre(s) 1802. 
[0345] The package descriptors and the promotional material are broadcasted using a two-tier paradigm that allows 
for the real-time update of the receiver. 

2. Web broadcasting Over Separate Channels Embodiment 

[0346] FIG. 27 is a detailed block diagram of FIG. 18, Illustrating an alternate embodiment of electronic distribution 
of digital content using separate channels in a web broadcasting service, according to the present invention. This 
exemplary architecture overview in FIG, 27 is used to illustrate a small number of changes that have to be made from 
the other embodiments for the delivery of music content over broadcast or telecommunications line. In particular, using 
current webcast infrastructure such as Hughs DirecPCTM only a few elements are added to adapt only embodiments 
of the present system to work with the existing Hughs DirecPCTM systems such as the trigger manager 2726 as 
described further below on End User Device(s) 109. 

[0347] As described previously, the Broadcast Centre(s) 2702 receives the Offer SC(s) 641 from the Electronic Digital 
Content Store(s) 103. Along with the Offer SC(s) 641, the corresponding Content SC(s) 630 is retrieved. In. thjs em- 
bodiment, the Offer SC(s) 641 and the Content SC(s) 630 are stored locally on computer storage device 27$CA web 
store 2706 running CGi or servlet scripts 2708 and 2710 takes the promotional content to form sample buttons and 
catalog listing as are depicted and further described in FIG. 28 below. To handle payment authorisations such as credit 
cards, debit cards and other payment verification systems, an eCommerce CGI 271 0 interfaces with a financial clearing 
house 2710. The content placed on the'Web Store 2706 is sent to a repository 2712. 

[0348] In one embodiment, the content sent to the repository is in response to user selections received via a back 
channel from the End User Device(s) 109. Accordingly, in this embodiment, the content can be scheduled to match 
demand generated by the End User Device(s) 109. In addition, the periodicity of the content sent to the repository 
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by allowing user to make a certain number of purchases without reconnecting back to the ClearingHouse(s) 105 or 
the Web Store 2706. In this "off-line 0 embodiment, several categories may be used such as credit limits/purchase 
limits, periodic connection, limited time use of the Content 113 until ^connection is made within a certain period or 
vaoue deferment. 

[0357] Once the cache manager 2720 completes the scheduling and downloading of the appropriate Content SC(s) 
630 that have been requested, the trigger manager application 2726 notifies the Player Application 1 95 and the content 
is now available for importation from the Album_DSC(s) Buffer 2724 to the Player Application 196. Inadditionto notifying 
the Player Application that the Content SC(s) has been downloaded, other status can be reported back up to the Player 
Application 195 from the cache manager 2720 such as the status of the download, errors in the download and other 
information useful to a user in wishing to render or play the Content 113 desired. 
. [0358] And as previously described for the "online" or "connected- version of the current delivery system the nec- 
essary steps of updating usage conditions and rights associated with the Content can be monitored through the Clearina 
House(s) 105. a 



X. END-USER DEVICE(S) 109 



[0359] The applications in the End-User Device(s) 1 09 for the Secure Digital Content Electronic Distribution System 
1 00 perform two main functions: first the SC(s) processing and copy control; and second playback of encrypted Content 
,113. Whether the End-User Device(s) 109 is a Personal Computer or a specialised electronic consumer device, it has 
to be capable of performing these base functions. The End-User Device(s) 109 also provides a variety of additional 
features and functions like creating play lists, managing the digital content library, displaying information and images 
dunng content playback, and recording to external media devices. These functions vary based on the services these 
applications are supporting and the type of devices the applications are designed for. 



A. Overview 



[0360] Referring now to FIG. 1 0, shown is the major components and processes and End-User Device(s) 1 09 Func- 
' tional Flow. The applications designed to support a PC based web interface Content 113 service consists of two exe- 
cutable software applications: the SC(s) Processor 192 and the Player Application 195. The SC(s) Processor 192 is 
an executable application which is configured as a Helper Application into the End-User(s) Web Browser 1 91 to handle 
SC(s) File/Ml ME Types. This application is launched by the Browser whenever SC(s) are received from the Electronic 
Digital Content Store(s) 103, the ClearingHouse(s) 105, and the Content Hosting Site(s) 111. It is responsible for per- 
forming ail required processing of the SC(s) and eventually adding Content 113 to the Digital Content Library 196 of 
the End-User(s). 

[0361] The Player Application 195 is a stand alone executable application which the End-User(s) loads to perform 
Content 1 1 3 In his Digital Content Library 1 96, manage his Digital Content Library 1 96 and create copies of the Content 
113 if permitted. Both the Player Application 195 and SC(s) Processor 192 applications can be written in Java, C/C++ 
or any equivalent software. In the preferred embodiment, the applications can be downloaded from computer readable 
means such as website. However, other delivery mechanisms are also possible such as being delivered on computer 
readable media such as diskettes or CDS. 

[0362] The searching and browsing of Content 113 information, previewing of, for example, song clips, and selecting 
songs for purchase is all handled via the End-User(s) Web Browser 191 . Electronic Digital Content Store(s) 103 pro- 
vides the shopping experience in the same way that is offered today by many Content 113 retailing web sites The 
difference to the End-User(s) over today's web based Content 113 shopping is that they may now select downloadable 
Content 113 objects to be added to their shopping cart. If the Electronic Digital Content Store(s) 103 has other mer- 
chandise available for sale in addition to the downloadable objects, the End-User(s) may have a combination of physical 
and electronic downloadable merchandise in his shopping cart. The Secure Digital Content Electronic Distribution End- 
User Device(s) 1 09 are not involved until after the End-User(s) checks out and submits his final purchase authorisation 
to the Electronic Digital Content Store(s) 103. Prior to this point, all interaction is between the Web Server for the 
Electronic Digital Content Store(s) 103 and the, Browser 191 on the End-User Device(s) 109. This includes preview of 
sample Digital Content clips. Digital Content clips are not packaged into SC(s) but instead are integrated into the web 
service of the Electronic Digital Content Store(s) 1 03 as downloadable files or fed from a streaming server. The format 
of the Content 1 1 3 clip is not dictated by the system architecture. In another embodiment, the Player Application 1 95 
could interact directly with the Electronic Digital Content Store(s) 103 or ClearingHouse(s) 105 or offline usinq a pro- 
motional CD. 
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the download when the computer is next powered up. 

[0371] When the scheduled download time occurs or If Immediate download was requested, the SC(s) Processor 
1 92 creates Order SC(s) 650 from information in the Transaction SC(s) 640, Offer SC(s) 641 , and the Public Key 661 
of the End-User(s) generated at install time. This Order SC(s) 650 is sent via HTTP request to the ClearingHouse(s) 

5 1 05. When the ClearingHouse(s) 1 05 returns the License SC(s) 660, the Helper Application 1 98 is re-invoked to process 
the License SC(s) 660. The License SC(s) 660 is then opened and the URL of the Content Hosting Site(s) 111 is 
..extracted from the referenced Order SC(s) 650. The License SC(s) 660 is then sent to the specified Content Hosting 
Site 111 , via http request through the Browser, requesting download of the Content SC(s) 630. When the Content SC 
(s) 630 comes back to the Browser, the Helper Application 198 is re-invoked again. The SC(s) Processor 192 displays 

10 the name of the Content 113 being downloaded along with a download progress indicator and an estimated time to 
completion. 

[0372] As the Content 113 is being received by the SC(s) Processor 1 92, it loads the Content 113 data into memory 
buffers for decryption. The size of the buffers depends on the requirements of the encryption algorithm and Water- 
marking technology 193 and is the minimum size possible to reduce the amount of unencrypted Content 1i3 exposed 
15 to hacker code. As a buffer is filled, it is decrypted using the Key 623 (corresponding to the Public Key 661 ) of the End- 
User(s) extracted from the License SC(s) 660, which itself is first decrypted using the Private Key. The decrypted buffer 
is then passed to the Watermarking function. 

[0373] The Watermarking 193 extracts the Watermarking instructions from the License SC(s) 660 and decrypt the 
[ instructions using the Private Key of the End-User(s). The Watermarking data is then extracted from the License SC 
20 (s) 660 which includes transaction information such as the purchaser's name as registered with the Electronic Digital 
Content Store(s) 1 03 from which this Content 1 1 3 was purchased or derived from the credit card registration information 
if the Electronic Digital Content Store(s) 103 does not provide a registration function. Also included in the watermark 
is the purchase date and the Transaction ID 535 assigned by the Electronic Digital Content Store(s) 1 03 to reference 
the specific records logged for this transaction. The Store Usage Conditions 51 9 are also included to be used by the 
25 _ o Copy Control of the Player Application ,1 95. 

* [0374] The Watermarking 193 is protected with Tamper Resistant Code technology so as not to divulge the Water- 
... marking instructions thus preventing a hacker from discovering the location and technique of the watermark. This 
' prevents removal or modification of the watermark by a hacker. 

[0375] After inscribing any required watermark to this content buffer, the buffer is passed to the scrambling function 
30 for Re-Encryption 194. A processor efficient secure encryption algorithm such as IBM's SEAL encryption technology 
is used to re-encrypt the Content 113 using a random Symmetric Key. Once the download and Decryption and Re- 
' . Encryption 1 94 process is complete, the encryption Key 623 used by the Content Provider(s) 1 01 to originally encrypt 
the Content 113 is now destroyed and the new SEAL key is itself encrypted using the Secret User Key created and 
hidden at installation time. This new encrypted Seal Key is now stored in the License Database 107- 
35 [0376] Unlike source performed at the Content Provider(s) 101 and user Watermarking performed at the End User 
Device(s) 109 may need to become an industry standard to be effective. These standards are still evolving. The tech- 
nology is available to allow control information to be embedded in the music and updated a number of times. Until such 
time as the copy control standards are more stable, alternative methods of copy control have been provided in the 
Secure Digital Content Electronic Distribution System 100 so that it does not rely on the copy control watermark in 
40 order to provide rights management in the consumer device. Storage and p lay/record usage conditions security is 
implemented utilising encrypted DC Library Collections 196 that are tied to the End User Device(s) 109 and protected 
via the Tamper Resistant Environment. Software hooks are in place to support copy control Watermarking when stand- 
, ards have been adopted. Support exists today for Watermarking AAC and other encoded audio streams at a variety 
' of compression levels but this technology is still somewhat immature at this time to be put to use as a sole method of 
45 copy control. 

[0377] The Decryption and Re-Encryption 194 process is another area of the code that is protected with Tamper 
Resistant Code technology so as not to divulge the original Content 113 encryption key, the new SEAL key, the Secret 
User Key, and where the Secret User Key segments are stored and how the key is segmented. 
[0378] The process of Decryption and Re-Encryption 194 serves two purposes. Storing the Content 113 encrypted 

50 . with an algorithm.like SEAL enables faster than real-time decryption and requires much less processor utilisation to 
perform the decryption than does a more industry standard type algorithm like DES. This enables the Player Application 
1 95 to perform a real-time concurrent decryption-decode-playback of the Content 1 1 3 without the need to first decrypt 
the entire file for the Content 113 prior to decode and playback. The efficiency of the SEAL algorithm and a highly 
.! efficient decode algorithm, allows not only concurrent operation (streaming playback from the encrypted file) but also 

55 allows this process to occur on a much lower powered system processor. Thus this application can be supported on 
a End-User Device(s) 109 as tow end as a 60MHz Pentium system and perhaps lower. Separating the encryption 
format in which the Content 113 is finally stored from the original encryption format, allows for greater flexibility in the 
selection of the original content encryption algorithm. Thus use of widely accepted and proven industry standard al- 
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SSU^" 9 " eStabl i!'; es n ° definitive ,a y out of these components. One such layout is provided in the generic olaver 
[0388] This set is grouped into subgroups, starting with the components used to present End-User Disolav isin «nH 

DiZ^ln^^T DiS ?! ay COmP ° nent 1510 ' S •»*«■ divided b * ^^ion growings (PlaX 

^ 8 <*J«*™tainer components used for grouping and p.ac.ng of thc^oleHevei 



d^rs^^,^ 

[0390] FIG. 16 Is an example user interface screens of the Player Application 195of fig i * nwvwwin,, 

r 1 T 6 o 5 r" ionfortheEnd - usercontro,si5ii,nci " 

[0391 ] Controls for performing the Content 1 1 3: 



Play/Stop button 
Play button 

Stop button ' 

Pause button 

Skip forward button 

Skip backward button 

Volume control 

Track position control/display 

Audio channel volume level display and more. 

[0392] Controls for the displaying metadata associated with the Content 113 

Cover Picture button 
. Cover Picture object 

Artist Picture button 

Artist Picture object 

Track List button 

Track List Information object 

Track List Selector object (click to play) 

Track Name object 

Track Information object 

Track Lyrics button 

Track Lyrics object 

Track Artist Name object 

Track Credits button 

Track Credits object 

CD Name object 
. CD Credits button 

CD Credits object 

Generic (Configurable) Metadata button 
Generic Metadata object and more. 



Seof 1 1 605r On ^ ^ End " US6r ° iSP,ay 1510 inC ' Ude (COrrespondin 9 screens of an E nd-User 'nterface are shown 
[0394] Play-list of display container 

■ Play-list Management button 
Play-list Management window 
Digital Content search button 
Digital Content search Definition object 
Digital Content search Submit button 
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duplicating or copying the Content 113 stored at the End User Device(s) 109, on to an external device such as DVD 
Disc, digital tape, flash memory, mini Disc or equivalent read/writeable removable media, the use Is updates to the 
logging site. This may be a precondition to copying the Content 113 in the usage conditions 206 that is transmitted 
when the Content 1 13 is purchased. This ensures the Content Providers) 1 01 can accurately track the usage of their 

s Content 113 during their playing, duplicating or other actions upon the Content 113. 

[0399] In addition, other information about the Content 1 1 3 can be uploaded to the logging site. For example the last 
time (e.g., hour and day) the Content 113 was performed; how many times the Content 113 was performed; if the 
Content 113 has been duplicated or copied to an authorised external device such as DVD Disc, digital tape or mini- 
Disc. In cases where there are multiple distinct users of a single Player Application 195 on the End User Device(s) 

10 109, such as different members of a family, the identifications of the user of the Content 113 is transmitted along with 
the usage information to the logging site. By reviewing the usage information uploaded to the logging site, the Content 
Providers) 101 can measure the popularity of the Content 113 base on the actual usage, the identification of the user 
and the number of times the Content 113 has been performed. The actual usage measurement makes this system 
more factual driven over systems using sampling methods, such as a Nielsen Rating scheme for televisions, or tele- 

'5 phone surveys, where only a limited number of users are sampled at any one time and the results extrapolated. In this 
present embodiment, the actual usage can be measures for the users logging back onto a designated web site such 
as the Electronic Digital Content Store(s) 103 or Content Provider(s) 101. 

4. Decryption 1505, Decompression 1506 and Playback Components 1506 

20 

[0400] These components use the keys acquired by the Copy/Play Management components to unlock the audio 
data acquired from the Data Management and Library Access components, apply the appropriate decompression to 
prepare it for playback, and use system audio services to play it. In an alternate embodiment, the audio data acquired 
from the Data Management and Library Access components may be copied to removable media such as CDS, dis- 
25 kettes, tapes or MiniDisks. 

5. Data Management 1502 and Library Access Components 1503 

[0401] These components are used to store and retrieve song data on various storage devices on the End-User(s) 
30 1 system, as well as handle requests for information about the stored songs. 

6. inter-application Communication Components 1508 

[0402] These components are used for coordination between the Secure Digital Content Electronic Distribution Play- 
35 er and other applications (e.g., Browser, helper-app and/or plug-in, etc) that may invoke the Player Application 195, 
or that the Player Application 195 needs to use when carrying out its functions. For example, when a URL control is 
activated, it invokes the appropriate browser and instruct it to load the appropriate page. 

7. Other Miscellaneous Components 

40 

[0403] Individual components that don t fall into the categories above (e.g., Installation) are grouped here. 

8. The Generic Player 

45 [0404] In this section the combining of the components above into aversion of the Player Application 1 95 is discussed. 
This is just one of many different examples possible, since the Player Application 195 is designed for customisation 
by being based on software objects. The Player Object Manager 1501 is a software framework holding all the other 
components together. As discussed in the sections above, the blocks below the Player Object Manager 1501 in this 
diagram are required for any player, but may be replaced by specialised versions depending on such things as form 

50. of encryption or scrambling being used, types of audio compression, access methods for the Content 113 library, and 
more. 

[0405] Above the Player Object Manager 1 501 are Variable Objects 1512, which are mostly derived from the meta- 
data associated with the Content 113 being played or searched. These Variable Objects are made available to the 
End-User Device(s) 109 by way of the End-User Display 1510 and received input from the End-User Controls 1511. 
55 All objects are configurable, and the layouts of all containers are customisable. These objects may be implemented in 
C/C++, Java or any equivalent programming language. 
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Displayed Song Title 

End-User(s) notes about the song 
Lead-in delay on playing the song 
Follow-on delay after playing the song 
Start-point within song when playing 
End-point within song when playing 
Weighting for random mode 

Play-list title 

Play-list mode (random, sequential, etc) 
Repeat mode (play once, restart when done, etc) 

SJn U 5TS«2 C^tpnl uh ^""^ h lbrarlan ( C0TO8 P° ndi "3 ««»" of an End-User Interface 1601): 
Open the Digrtal Content Librarian window. Also see Digital Content Librarian below for more Info. 



Song Play 



[0411] When a song has been prepared for play, either by invoking the Plaver ADDlication 1 witK ,^ „ 



Play 

Pause 

Stop 

Skip Backward 
Skip Forward 
Adjust Volume 
Adjust Track Position 
View Lyrics 
View Credits 
View CD Cover 
View Artist Picture 
View Track Information 
View other metadata 
Visit web site 
Play-list 

Librarian and more. 



Digital Content Librarian 



the End-User(s)' options: 
Working with songs 



Sort by Name 

Sort by Category 

Search by Keyword 

Search by Included Song Trtle 

Load Selected Play-list 

Rename Play-list 

Delete Play-list 

Create CD from Selected Play-list (if enabled) and more. 
Work with Play-lists: 
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191 and associated parts including Secure Container Processor 1 91 , Helper Application 1 93, Water Marking 1 93 and 
Decryption Re-encryption 194 are not changed. This provides developers one set of APIs and Tools to build players 
for both this broadcast embodiment and the telecommunication embodiment or the computer readable medium em- 
bodiment. In addition, a Clearinghouse Emulator 1914, allows the transaction to be logged until the user connects the 
End User Device(s) 1 09 back to ClearingHouse(s) 1 05 for final account reconciliation. 

[0419] Turning now to FIG. 21 , shown is a flow diagram 2100 for a process running on the End User Device for 
purchasing content over the alternate embodiment of FIG. 1 8, according to the present invention. To better understand 
this flow diagram, reference will be made to FIGS. 22- 27 which are a series of screen shots illustrating the user's 
purchase on a television 1806 using the alternate embodiment of FIG. 18, according to the present invention. 
[0420] The process flow 21 00 begins in step 21 02, a "Buy 41 and "Catalog" icons are displayed. User input, step 21 04 
is received. A test is made to determine the user selection, steps 2106 and 2108, of "Buy or Catalog" during the 
broadcast of a program 2204. If "Buy" Is selected, the user is asked to identify themselves for billing purposes, step 
2110. The embodiment shown in steps 2110-2116 and FIG. 24. uses a "smart card" and an associated personal iden- 
tification number (PIN). Other billing mechanisms are possible, Including the use of a debit card. Once the user identifies 
himself or herself, the download begins, step 2118. If "Catalog" is selected in step 2106, a menu panel of purchasable 
products Is displayed, step 2120, and the user may navigate among them via a selection cursor (steps not shown). 
User input is received in step 2122. If this input it "Buy" the viewer proceeds through the authentication process, 
2110-2116. If the input is "Exit", the viewer returns to the "Buy" and "Catalog" choices, step 2126. Upon successful 
authentication, the download process begins with an optional message indicating this to the viewer, as shown in FIG. 
26. Note that all graphic images are overlaid on top of video that is not interrupted by the consumer's)?) purchasing 
activity. 

[0421] It should be understood to those skilled in the art, that the broadcast embodiment of the present invention, 
allows for: 

• Fast and reliable download of digital content over digital television broadcast infrastructure (where the digital con- 
tent is a package, to be downloaded as a unit for later play; "play" being used broadly to refer to any form of ingest 
and interpretation); 

• Self-contained description of the digital content over the digital television broadcast infrastructure. This system 
allows for the download of digital content over digital television broadcast infrastructure when a return channel 
from the content receiver to the content sender is not available (or infrequently available); 

• Improved download time when a return channel from the content receiver to the content sender is available; 

♦ Users to select and download digital content using a digital Set-Top Box(es) 1 804 and a TV connected to the digital 
television broadcast infrastructure; 

♦ Users to select and download digital content while simultaneously watching a video program; 

* Content Providers to promote the digital content, available for download, using graphics and video; 

♦ Managers to update, in real-time, the number and type of digital content available for download; 

2. Web broadcasting Over Separate Channels Embodiment 

[0422] An alternate embodiment of the End User Device(s) 109 using separate channels in a web broadcasting 
service, according to the present invention broadcast delivery is now described. Returning to FIG. 27, shown is an 
alternate embodiment for receiving Content 113 using separate channels in a web broadcasting infrastructure. FIG. 
28 is a flow diagram 2800 for a process running on the End User Device for purchasing content over the alternate 
embodiment of FIG. 27, according to the present invention. The Set-Top Box(es) 1804 receives web pages composed 
by the Web Store 2306 such as the exemplary illustrations of the user screens shown in FIGS. 29-38 below. 
[0423] The following is a description using the flow diagram 2800 of FIG. 28 with reference to the exemplary user 
screens of FIGs. 29-38. The process begins in step 2802 with promotional material being downloaded over a web cast 
channel to a promo cache 2322. In the event the user selects the button labelled "Album Lisf'a selection list as show 
in FIG. 29 is presented, step 2806. In this example three selections are possible "Madonna", "Fleetwood Mac", and 
"Jewel". More or less selections can. be shown and this just illustrates a one example. If the user makes a selection 
such as "Madonna" more information is presented about the artist in FIG. 30, step 2810. Note the possibility of pre- 
viewing samples of the music with the "Sample" buttons. When a user selects the "Sample" button a promotional clip 
is played through the Web browser 191 or alternately through Player Application 191 . If the user selects to purchase 
a selection a screen is presented to verify the "Account" and "Password" in FIG. 31, steps 2812 and 2814. In this 
example, the account information can be synchronised back with the Web Store 2306 or synchronised latter with the 
ClearingHouse(s) 1 05 as decided by the provider of the Content 11 3. The cache manager 2320 examines the Album 
+ DSC(s) Buffer 2324 to determine if the corresponding Content SC(s) 630 is locally available for retrieval. If the correct 
Content SC{s) is available, it is retrieved and passed to the Player Application 195 for processing selects. In the event 
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channels, the method comprising the steps of: 

Sabte fo7l2ept"on metadata ^ 3 *** br ° adCaSt ° hannel ' the P romotiona ' metadata related to data 
assembling at least part of the promotional metadata into a promotional offering for review by a user 
selecting by a user, data to be received related to the promotional metadata' 

^^th^lT 8 k 600 "* T b K° adCaSt Channel ' the data selected ,rom ,he P~motional metadata, and 
wherein the data has been previously encrypted using a first encrypting key and 

receiving the first decrypting key via a computer readable medium, the first decrypting key for decrypting at 
least some of the data received via the second web broadcast channel. °ecryp D ng at 

8 " t^S^jTT J IT 7 ' Where ' n SteP ° f assemb,ln 9 at least ol the promotional data Includes 

f h P ,!l° f thS P rom0ti0nal data ' nt ° 8 format readable * a web browser a " d wherein the step of 
selecting includes selecting with a web browser. 

9. A method as claimed in claim 7, wherein the step of selecting Includes selecting promotional material that have 
been previously received and stored on the user* system. maienai mat have 

: 10 A me * hod 38 claimed in clainr > 9- wherein the step of selecting further comprises the sub-steps of: 

determining the schedule for the next web broadcast of the data selected- and 

setting a trigger to trigger the usef s system to receive the next web broadcast on the second channel. 

11. Amethod as claimed inclaim 10, wherein the step of receiving data from a second web broadcast channel includes 

ZmZT se,ected from the p^omotio^a, metada,a on a web broadcast channel and a 

12. Amethod as claimed in claim 7, wherein the step of receiving data from a second web broadcast channel includes 
receiving data in a format compatible with the DirecPC™ system. cnannei inciuaes 

13 ' a ' med ° ,aim 7 ' Wherei " St6P ° f reC<SMn9 ^ fr ° m 3 SeC ° nd Web broadcast channel include 

th» ,t a „ Ut „ h f°^! n9 ° Ve l a bao ^ hannelthatthe "ser-s system is authorisedto receive the data selected; and wherein 

M ' rncTuShe^ubiep ^ M " ^ ° f reCeiV ' n9 *"* f r ° m 3 S6C ° nd Web br0adcast chan ' 1e, further 

motion?m2L»t?h a e e r K he " eXt tim8 i he US6r St3rtS the U8ert SyS,em 3 StatUS tf the data seiected f ™ pro- 
motional metadata has been received on the users system. 

15. A method as claimed in claim 7, wherein the step of receiving the first decrypting key, includes receiving the first 
decrypting key that has been encrypted with a second encrypting key. 

1 6. A method as claimed in claim 1 5, wherein the step of receiving the first decrypting key includes receiving the first 
decrypting key over a broadcast stream. receiving me nrst 

1?- house h ° d 98 C ' aimed C ' aim 15 ' Wh8reln Se ° 0nd deC,ypting key is sent t0 tne users ^tem from a clearing- 

18 ' lT t T°i 38 C ' aimed in J C ' aim 15 ' Wh6rein the seCond de Wng key has a timeout provision for decrypting data 
that has been encrypted with the second encryption key is sent to the users system from a clearinghouse 

19- A system for securely providing data to a users system over a web broadcast infrastructure with a plurality of 
channels, the system comprising: K y 

a content system; 
a first public key; 
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